Spectre and Meltdown emerged in January of 2018 as a new class of vulnerability the security industry had never encountered before. The initial remedy was supposed to be routine patch applications from the proper prominent vendors in question (Google, Amazon, Microsoft, Apple, Intel and so on). But the first rounds of patches were costly and disruptive and once complete, slowed system performance considerably.

The problem came about in the first place because chip manufacturers found clever ways to improve chip performance. The method is called “speculative execution,” a trick used to enhance performance in almost all modern chips. Speculative execution allows a program to begin using memory and executing instructions before completing the security check to see if the action should be allowed. This sped up performance but inadvertently left backdoor access where processing takes place on the chips.

At least 20 variant attacks have been demonstrated so far, some more dangerous than others. (See our blog 20 Spectre and Meltdown Attacks Demonstrated So Far and Rising: This Class of Threat Continues in 2019, https://virsec.com/20-spectre-and-meltdown-attacks-demonstrated-so-far-and-rising-this-class-of-threat-continues-in-2019/).