Meltdown and Spectre chip flaw timeline

The semiconductor industry has scrambled to correct hardware security vulnerabilities that affect billions of machines


Just after the turn of the year on 2 January researchers from Google revealed hardware vulnerabilities in the majority of CPUs in the market – and called these Meltdown and Spectre.

Meltdown, Google explains, "breaks the most fundamental isolation between user applications and the operating system.

"This allows a program to access the memory, and the also the secrets, of other programs and the operating system."

The researchers described Spectre as a flaw that "breaks the isolation between different applications" – "it allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets.

"In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre."

The flaws affect billions of systems globally across AMD, ARM and Intel designs. The semiconductor industry has worked hand in glove since the vulnerabilities were revealed to try to address them with updates, but these are causing problems of their own – slowing down older systems and even making some PCs unbootable.

Read on to see how the drama has unfurled so far.