Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.
If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure.
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.
Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.
|Windows 10 1709||KB4056892|
|Windows 10 1703||KB4056891|
|Windows 10 LTSB 2016||KB4056890|
|Windows 8.1 with Update||KB4056898|
|Windows 7 SP1||KB4056897|
已经发布了修补补丁，只需安装即可(MacOS 10.13.3 High Sierra)，性能仍会受到影响