Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) are two individual security vulnerabilities discovered and reported by the Project Zero Team at Google. Both Meltdown and Spectre exploit critical vulnerabilities in modern processors and therefore affect a wide range of devices that includes personal computers, mobile devices and server hardware in datacenters.
There is an isolation between user applications and the underlying operating system that runs it. Meltdown exploits this isolation by allowing a program to access the memory, and therefore also access stored information of other applications and the operating system.
Spectre, on the other hand attacks the isolation between different applications and can allow an attacker to manipulate software applications into leaking information that is otherwise protected.
There are software patches available to correct software design for protection from future exploits for Meltdown and Spectre.
Manufacturers and operating system vendors have also released software and firmware patches to mitigate the issue. Please see the below list for official guidance and security advisories:
Farida Ali is CEO and President of Dynamic Computer Corporation. She is an experienced executive with over 25 years of experience building and transforming Dynamic to be uniquely positioned as an expert technology solutions provider in highly regulated industries. Farida holds a bachelor’s degree in political science from the University of Michigan, as well as a Juris Doctor degree and membership in the State Bar of Michigan. As a certified woman-owned business and a certified minority business enterprise, Dynamic has a strong focus on diversity and inclusion, with Farida spearheading this initiative.