Nearly all stored information is sensitive, such as personal data or passwords, and needs to be protected. It is not only the software that could contain vulnerabilities; the hardware also sometimes has flaws that malicious parties can exploit. Herbert Bos, along with the Systems and Network Security Group (VUSec) of VU Amsterdam, shows that this is the case with memory chips from Intel.
The vulnerability of the Intel chips enables an attacker to 'listen in' on what the processor is doing with data from other users - in other programs, on other virtual machines, in the operating system and even in the highly-secured security enclaves that Intel has been supporting for several years. The only thing an attacker needs is a program that runs on the owner’s device. On a PC, programs of an unknown origin are constantly running, for example, when you visit a website that contains Javascript (which is almost every website nowadays).
The researchers discovered this vulnerability in September 2018. They coordinated the disclosure of this to Intel, so that the company could release a security patch in time. This was done in May 2019. In November 2019, the researchers revealed that the patch worked only partially, contrary to Intel's promise.