According to Tom’s Hardware, Google’s Project Zero team discovered the Meltdown and Spectre computer vulnerabilities when it found out that it could access data held in the protected kernel memory. Google does not believe these vulnerabilities have ever been exploited, but it’s impossible to verify.
Apple already patched the Meltdown exploit in the MacOS December OSX patch (10.13.2). Windows is pushing emergency patches out immediately.
“The Spectre exploit is much more nefarious and impacts Intel, AMD, and ARM. This exploit can access kernel memory or data from other applications. Researchers contend that fixing this exploit would require a fundamental re-tooling of all processor architectures, so we’ll live with the threat of this vulnerability for the foreseeable future. Fortunately, this exploit is extremely hard to execute and requires an elevated level of knowledge of the interior workings of the target processor.”