Almost every company operating in the 2020s is reliant on information technology at some level of their business, and because of this, they are also reliant on expert IT security services to ensure that data vital to the running of the business is protected and confidential.
All of this made a system vulnerability revealed in 2018 exceptionally concerning, and required a global concerted effort to protect businesses and individual users before it could be exploited to cause harm.
Officially known as Rogue Data Cache Load, Meltdown along with Spectre was a vulnerability that took advantage of ways CPUs would prevent processes from accessing data that belonged to other processes being run and could in tandem be used to access protected system memory.
Whilst both vulnerabilities are very slow, it would still be enough to allow an attacker to take passwords and encryption keys, which would allow for much more damaging attacks on a system.
What concerned cybersecurity experts so much is that it took advantage of faults inherent to how a computer’s central processing unit (CPU) worked, meaning that it could affect almost any computer at a hardware level regardless of the operating system or security systems installed onto it.
Fortunately, whilst the issue was found at a hardware level, software patches were effective at reducing the risks, although this came at the expense of system performance. If a computer in 2018 suddenly ran far slower or would unexpectedly reboot, this was the likely cause.
The main strategy used was known as kernel page table isolation, which isolated the memory used by the central kernel of an operating system and the user space that would be used to enter potentially vulnerable information.
Since 2019, most CPU manufacturers have changed how they design their processors to reduce the risk of both Meltdown and Spectre and with both hardware and software defences, IT security technicians are in a better place to protect users.