Google discloses the Spectre and Meltdown vulnerabilities

3rd January 2018
Google discloses the Spectre and Meltdown vulnerabilities

Following a number of university-led research programmes, the first two of many subsequent transient execution CPU vulnerabilities, named Spectre and Meltdown, were disclosed by the Google Project Zero team.

Transient execution CPU vulnerabilities can occur in computer systems where the CPU operates speculative execution and/or branch prediction optimisations to prefetch instructions with the aim of increasing processing speed.

If the attacker is able to compromise, or directly inject, speculatively executed code into the processing pipeline, they may be able to affect components of the processor, such as the cache, and therefore discover the values of secret data.

While the initial reaction of industry players was that this was 'processors functioning as designed', it led to them producing multiple software, hardware or microcode mitigations to prevent the attacks succeeding.

It also led to multiple subsequent variants of Spectre, and many other similar attacks, being discovered and disclosed.

Related information:






Google discloses the Spectre and Meltdown vulnerabilities

Click on the Images
For Detail


Help support the museum by buying from the museum shop

View all items

Founding Sponsors
redgate Google ARM Real VNC Microsoft Research
Heritage Lottery Funded
Heritage Lottery Fund
Accredited Museum