6 steps firms can take to mitigate Spectre and Meltdown risks
“Spectre" and "Meltdown" are the code names given to different strains of a new class of security attacks that target an underlying exploitable design implementation inside the majority of computer chips manufactured over the last 20 years. Security researchers revealed three major variants of attacks in January 2018. The first two are referred to as Spectre, the third as Meltdown, and all three variants involve speculative execution of code to read what should have been protected memory and the use of subsequent side-channel-based attacks to infer the memory contents. Gartner has identified six steps security leaders can take to mitigate risk.