A report from The Register yesterday claimed that Windows and Linux developers were scrambling to fix a “fundamental design flaw in Intel’s processor chips.” The flaw theoretically allows any program to view the layout or contents of protected kernel memory areas, which often contain passwords, login keys, cached files, and other sensitive data. Even a web app could potentially read kernel-protected data.
After this report (and a tweet with sample code) was published, Google’s Project Zero security team came forward with more details.
‘Spectre’ and ‘Meltdown’ CPU vulnerabilities become public, most Google products already protected was written by the awesome team at Android Police.