Lightboard Lessons: Explaining the Spectre and Meltdown Vulnerabilities
The "Spectre" and "Meltdown" vulnerabilities affect almost every computer in the world. One of the very interesting things about each of these vulnerabilities is that they target the hardware (processor) of the computer rather than the software. Intel is the leading computer processor manufacturer in the world, and most Intel processors are vulnerable to both Spectre and Meltdown. Other manufacturers' computer processors are vulnerable as well. These vulnerabilities can allow an attacker to view the entire contents of the memory on a victim's computer. Because so much sensitive data is stored in memory (passwords, personal information, etc), these attacks can be devestating. Watch the video below to learn more about Spectre and Meltdown and how they work.
March 21, 2018 UPDATE
F5 has released BIG-IP v126.96.36.199 and v188.8.131.52. These versions include fixes for the SPECTRE variant 1 (CVE-2017-5753) and MELTDOWN (CVE-2017-5754) vulnerabilities.
The official documentation of these vulnerabilities and details on fixed versions is available from https://support.f5.com/csp/article/K91229003.