The Meltdown / Spectre saga continues. Ulf Frisk just posted a description of a vulnerability he has coined “Total Meltdown”. It seems that Microsoft developers introduced an even worse vulnerability while fixing the Meltdown vulnerability
in Windows 7 and Windows 2008 Server R2. With this broken Meltdown
“fix” installed, any program can read or write any word in any other
program’s memory, or the kernel’s memory for that matter, just by
reaching out and touching – no special tricks required. The cure is
worse than the disease.