Spectre and Meltdown vulnerabilities - essential information

Penetration Testing Experts


You may have read reports online of two major flaws in a large number of microprocessors: Spectre and Meltdown.

Spectre and Meltdown relate to an apparent vulnerability in chips which may allow the breaking of isolation between programs and operating systems. Whilst programs typically cannot read data from other programs, a malicious program may be able to exploit Spectre and Meltdown in order to gain access to information as stored in the memory by other programs. This information may include passwords as stored in a password manager or browser, photos, emails, messages or documents. It may also be possible for an exploit to locate the usually-randomized kernel locations, which could in turn cause an entire system to be compromised.

It is thought that the chips potentially affected can be found in most desktops, laptops, cloud computers and phones, and at this stage patches have only been released from some manufacturers (not including ARM or AMD) and only for Meltdown. You may wish to apply patches when they are available, although it has been reported that this may see a decrease in microprocessor speed.

If you have any questions relating to Spectre and Meltdown please don’t hesitate to contact our technical team.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top