Meltdown and Spectre: The vulnerabilities of modern processors

Posted date 12/01/2018

An article in The Register revealed these potential vulnerabilities, initially reporting on their impact on Intel platforms, but later, a group of experts from Google's Project Zero, the companies Cyberus and Rambus, and several universities that discovered these vulnerabilities, published all the details, giving to know that their discoveries also affected processors AMD and ARM, besides Intel, manufactured during the last decade.

The vulnerabilities called Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) would take advantage of an error in the design of all the processors on the market that make use of the characteristics known as "speculative execution", consisting in that the processor executes code and arrives at a point in an algorithm in which the instructions are bifurcated in two different directions depending on the input data, these instructions save time by "speculating" with the path by which the process will continue to be executed.

The different technological companies, both at the level of processor manufacturing and operating system developers, are already working on the updates that provide solutions to these problems, although according to some developers and information, these patches could slow down the operating systems considerably.