In short, it’s been recently disclosed that most modern processors released in the last 20 years have security vulnerabilities. These flaws are known as “Meltdown” and “Spectre,” and essentially allow malicious individuals to steal your data (e.g., passwords, encryption keys, browser history, documents, emails) stored in the protected kernel memory area on your device.
These are flaws at the hardware level and they affect pretty much all modern microprocessors, including those from Intel, AMD, and ARM — but Intel processors are more vulnerable as AMD says some of the vulnerabilities don’t affect its chips at all –, and this also affects versions of Windows as well as Linux, macOS, Google OS, and other OSes.
Unfortunately, these are design flaws inside the microprocessors and they can’t be modified through software update, but hardware and software vendors can update their software to mitigate the issues. However, the solution will come with a price of performance, as it’s expected that the fixes will slow down computers up to 30 percent depending on the processor model.
If you’re a PC user, staying protected at this time is not easy, because we’re still in the early stages and there are many pieces to the puzzle. But there a number of things you can do to protect your device.
Install the latest Windows update
If you’re a Windows 10 user, Microsoft has already made available an emergency patch for all versions of Windows, which is part of a series of updates to resolve these vulnerabilities.
Windows 10 version 1709 (Fall Creators Update) is getting update KB4056892, while version 1703 (Creators Update) is receiving update KB4056891.
Older versions of the OS are also getting patched as well:
- KB4056890 — Windows 10 version 1607 (Anniversary Update)
- KB4056888 — Windows 10 version 1511 (November Update)
- KB4056893 — Windows 10 version 1507 (Initial Release)
The update will download and install automatically, but you can always force the update on Settings > Update & Security > Windows Update, and clicking the Check for updates button.
In order to check if your device is protected go to Settings > Update & Security > Windows Update, click the View installed update history link and make sure, under “Quality update,” the latest update has been applied.
Windows 8.1 and Windows 7 are also getting an update to protect computers against these processors flaws, but users running older versions of Windows won’t see the update until the next Patch Tuesday.
It should be noted that Microsoft has quietly already patched the test version of Windows 10 available through the Insider program.
Installing the update manually
If your device isn’t seeing the update, it’s possible that there is a problem with Windows Update or you have an antivirus that hasn’t been updated to support the latest update.
Recently Microsoft noted that a problem with some antivirus software that are trying to talk to kernel memory using unsupported calls, and this behavior cause a bug check — commonly known as Blue Screen of Death (BSOD).
In order to prevent devices from coming across this issue, Windows Update will not install the newest fixes where an unpatched antivirus solution is installed.
You can always get around this issue by uninstalling the third-party antivirus and use Windows Defender Antivirus until your software vendor issues an update.
Firmware update
Alongside making sure all your software is up to date, you should also make sure to check with your PC manufacturer (e.g., HP, Dell, Lenovo, Asus) website for new firmware updates.
Intel has already started to roll out fixes to address the Meltdown and Spectre issues on devices using its processors. Microsoft has just made available a firmware update to protect its Surface devices against these security bugs.
Update all your software
In addition, you need to make sure your applications are up to date as well. According to Mozilla, Firefox version 57 ships with a fix, Microsoft already updated Microsoft Edge and Internet Explorer.
Google is also expected to release a fix with upcoming Chrome version 64 on January 23, but right now, you can enable Chrome Site Isolation security feature that isolates every website on its own process adding an extra layer of protection.
Wrapping things up
If you have a PC running Windows, the most you can do at this time is to make sure Windows 10 has the latest update and BIOS or UEFI update installed. Beyond these recommendations, there isn’t much you can do to protect your device against the Meltdown and Spectre vulnerabilities.