Antonio Nappa, Researcher, Minsait, Indra
In this presentation we analyze the (in)famous microarchitectureal side-channel attacks known as Spectre and Meltdown. We also analyze the patching procedure and its effectivity. Despite the big impact these vulnerabilities have and will have in the future, the effort to make the patching process reliable and definitive is far from perfect. We show an average performance impact over 40% and that without patching the CPU microcode, it is not possible to fix all the vulnerabilities.