Meltdown & Spectre overview

Meltdown and Spectre exploit critical vulnerabilities in modern processors. The vulnerabilities make it possible for programs to steal data that is currently being processed on the computer. A malicious program does this by exploiting the memory of another ‘target’ program to gain access to otherwise secret information. This could include stored passwords, photos, emails, IMs, banking information, and so on.

Meltdown & Spectre are threats to personal computers (desktops/laptops), mobile devices, and cloud-hosted workloads (potentially other customers’ data). Let’s take a look at the differences between the two attacks.

Meltdown




Meltdown breaks the fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus the secrets, of other programs and the operating system. If your computer has a vulnerable processor and runs an unpatched OS, it is not safe to work with sensitive information, because the exploit could expose it. Meltdown was discovered by 3 separate teams: Google Project Zero, Cyberus Technology, and Graz University of Technology.

Spectre

Spectre breaks the isolation between different applications. This exploit allows an attacker to trick “error-free” programs, which follow best practices, into leaking their secrets. The best practices these programs follow actually increase the attack surface and can make applications even more vulnerable to Spectre. The Spectre exploit is more difficult to initiate than Meltdown, but it is also more difficult to mitigate.
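
To check whether a machine is still exposed to either attack, the following added example (not part of the original article) reads the per-vulnerability status files that patched Linux kernels publish under /sys/devices/system/cpu/vulnerabilities. It assumes a Linux host; the names classify, read_status and needs_attention are illustrative.

```python
from pathlib import Path

# Assumption: a Linux host. Kernels carrying the fixes publish one status
# file per CPU vulnerability in this directory.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
# Status files that cover the two attacks described above.
CHECKS = ("meltdown", "spectre_v1", "spectre_v2")


def classify(status):
    """Map a kernel status line to a coarse verdict."""
    s = status.strip()
    if s == "Not affected":
        return "not_affected"
    if s.startswith("Mitigation:"):
        # A mitigated line can still flag one sub-feature as vulnerable.
        return "partial" if "vulnerable" in s.lower() else "mitigated"
    if s.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def read_status(base=SYSFS_DIR, names=CHECKS):
    """Return {name: (verdict, raw_line)} for each status file under base."""
    report = {}
    for name in names:
        try:
            raw = (Path(base) / name).read_text().strip()
        except OSError:
            # Unpatched kernel, non-Linux OS or restricted container.
            report[name] = ("unknown", "")
            continue
        report[name] = (classify(raw), raw)
    return report


def needs_attention(report):
    """Names whose verdict is neither not_affected nor mitigated."""
    ok = ("not_affected", "mitigated")
    return sorted(n for n, (verdict, _) in report.items() if verdict not in ok)


if __name__ == "__main__":
    report = read_status()
    for name, (verdict, raw) in report.items():
        print(f"{name:12} {verdict:13} {raw}")
    raise SystemExit(1 if needs_attention(report) else 0)
```

A missing file is reported as unknown rather than safe, because an unpatched kernel does not publish these files at all.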