Recently new vulnerabilities similar to Spectra and Meltdown have just been identified that expose VMware vSphere environments. Runecast Analyzer included automated checks to detect Spectra and Meltdown vulnerabilities when it become public, and now they have done the same to the L1 Terminal Fault (L1TF).
Runecast Response to L1 Terminal Fault (L1TF) in VMware vSphere Environments
“The new vulnerability is named “L1 Terminal Fault” or L1TF. The most obvious difference from Spectre/Meltdown is that this vulnerability only affects Intel processors – so less environments are affected. However, it is important to recognise that there can be even more disruptive post-remediation consequences than was the case with Spectre/Meltdown remediation. An overview is provided below discussing the potential impact of the vulnerability, and the method to remediate.”