Protecting Devices Against Meltdown/Spectre Flaws

In an effort to speed up processing, Intel, Qualcom, and other CPU manufacturers designed their processors to make processing faster. Unfortunately this speed, which meant taking some steps that made sense in the design stage, has now proven to leave security weaknesses.

The Meltdown and Spectre processor security flaws, which many are calling the worst processor bug ever, should be of concern for all computer users. Virtually every computer made since 1995 is considered to be vulnerable because of what has come to light as a design flaw in the way processors work. Tech companies are scrambling to patch this serious hole.

There are three main things that need to be updated in order to ensure you are protected from these microprocessor flaws: Operating system, browsers, and BIOS/Firmware.

Operating System Updates

In most cases, operating system updates are pretty straightforward and often times automatic for Windows users, but not in this case. The available Windows update that patches the OS hole will only install properly if your anti-virus provider has created a provision in its protection that allows this critical update to install. Without this ‘registry key’ in place, users that try to install the update can experience system problems including the dreaded Blue Screen Of Death (BSOD).

Making sure your anti-virus program has updated your system is a critical first step and you should check the support website for your program. The full technical explanation from Microsoft is available at https://goo.gl/Y6dN5t

Apple users need to update their computers, mobile devices, and even Apple TVs with MacOS 10.13.2, iOS 11.2, and tvOS 11.2 respectively. Android users need to check their devices regularly to see if there is an available update, as there is no one update for all Android-based phones.

Browsers

Every browser you use on every device needs be updated to the latest version, but this is the easiest and most straightforward process of the three. All of the major browsers have already created updates to patch this flaw, so there is nothing to wait for here.

BIOS/Firmware Updates

This is by far the most complicated and least clarified part of the update. Intel announced that they were to have firmware updates for 90% of processors made in the past five years by Jan 13, and older processors by the end of January.

Think of firmware as a software update with operating instructions for a piece of hardware. What makes this layer of protection so complicated is that figuring out where to get the patch depends on who made your computer’s motherboard and installing it requires some technical knowledge. It’s also a bit risky because if something unexpected happens, like a power outage, you can render your computer’s motherboard useless.

Intel has published a detection tool for Windows and Linux users that can help you determine if you are vulnerable to these flaws at: https://goo.gl/AJ3FEs but it won’t necessarily tell you exactly where you’ll need to go to get the update. We’re also not clear at this point on what AMD or Mac users should do as it pertains to firmware updates, so we’re monitoring press releases to see if clarity comes soon.

As this is a dynamic situation with lots of unanswered questions, we’re compiling the information and will be emailing anyone that wants our suggestions once all of the updates have been clearly articulated. Go to https://goo.gl/forms/JlVzPjJLAuwPmAPB3 to get alerts.