Use your computer fearlessly.

Mission Services Articles Research

everyone: older news

business: containment

technical: attacks

Spectre and Meltdown Used in the Wild

by Brent Kirkpatrick

(Date Published: .)

After they were announced, the Spectre and Meltdown hacks were used by hackers.

Disclosure of the Spectre and Meltdown hacks took place in January, 2018. These were classified as critical vulnerabilities (in the CVE classification system). Software engineers worked quickly to create patches, many of which had been released by mid-February. Although patches are available many systems remain unpatched. This leaves many systems vulnerable to exploit.

After the disclosure of Spectre and Meltdown, Intrepid Net Computing has observed exploits in the wild that are very similar to Spectre and Meltdown. What would have happened if they had not been announced publicly?

cartoon: spectre and meltdown

The public disclosure of these critical vulnerabilities spurred rapid innovation of patches. If they had not been made public, likely patching would have proceeded in a less frenzied fashion. The patches would have been produced more slowly, but hackers would not have been able to reproduce the exploits and use them.

defendIT image

defendIT (TM). AI-driven security measures derived from security incident data.

Technical Articles


INC Logo

What Is New? | Contact | Tips

© 2015-2021 Intrepid Net Computing. All rights reserved.