Intro: malicious program to run on guest systems
Meltdown and Spectre threats can be classified under technical hardware failures.They exploit critical vulnerabilities in modern processors.They can attack computers, mobile devices, and devices connected to the cloud. It compromises data integrity as it can access unauthorized information.
Meltdown exploits the non-accessible area of kernel memory which is guarded against user access. The out of order execution arbitrarily reads restricted memory location including personal details and password.
Meltdown breaks all security assumptions given by address space isolation and every security mechanism building upon this foundation. On affected systems, Meltdown enables an adversary to read the memory of other processes or virtual machines in the cloud without any permissions or privileges, affecting millions of customers and virtually every user of a personal computer.2
It exploits the speculative execution resulting from a branch mis-prediction of microprocessors to read private information in the cache that may reveal data to the adversary.The resulting state of the data cache constitutes a side channel through which an attacker may be able to extract information about the private data using a timing attack.
Spectre is more of a threat than the meltdown. Eg: A website can read browser data or data from another website. Spectre can also command malicious program to run on guest systems virtually.
They affect Intel x86 microprocessors and embedded devices using ARM-based processors including a wide range of networking equipment.
Defense against Meltdown and Spectre: