How to protect against Meltdown, Spectre flaws

Q: What do I need to do to protect my computer from the microprocessor flaws?

The Meltdown and Spectre processor security flaws, which many are calling the worst processor bug ever, should be of concern for all computer users.

Virtually every computer made since 1995 is considered to be vulnerable because of what has come to light as a design flaw in the way processors work. Tech companies are scrambling to patch this serious hole, with lots of issues of who needs to do what first, creating lots of confusion.

There are three main things that need to be updated in order to ensure you are protected: operating system, browsers and BIOS/firmware.

Operating system updates

In most cases, operating system updates are pretty straightforward and oftentimes automatic for Windows users, but not in this case. The available Windows update that patches the OS hole will only install properly if your anti-virus provider has created a provision in their protection that allows this critical update to install.

Without this “registry key” in place, users who try to install the update can experience system problems, including the dreaded “blue screen of death” (BSOD). Making sure your anti-virus program has updated your system is a critical first step (check the support website for your program). The full technical explanation from Microsoft is available here.

Apple users need to update their computers, mobile devices and even Apple TVs with MacOS 10.13.2, iOS 11.2 and tvOS 11.2, respectively.

Android users need to check their devices regularly to see if there is an available update, as there is no one update for all Android-based phones.

FILE – This Thursday, Jan. 7, 2016, file photo shows a laptop that uses Intel’s chip technology, at the Intel booth during CES International in Las Vegas. Technology companies are scrambling to fix serious security flaws affecting computer processors built by Intel and other chipmakers and found in many of the world’s personal computers and smartphones. (AP Photo/John Locher, File)

Browsers

Every browser you use on every device needs to be updated to the latest version, but this is the easiest and most straightforward process of the three. All of the major browsers have already created updates to patch this flaw, so there is nothing to wait for here.

BIOS/firmware updates

This is by far the most-complicated and least-clarified part of the update. Intel announced that they plan to have firmware updates for 90 percent of processors made in the past five years by Saturday, Jan. 13, and for older processors by the end of the month.

Think of firmware as a software update with operating instructions for a piece of hardware.

What makes this layer of protection so complicated is that figuring out where to get the patch depends on who made your computer’s motherboard, and installing it requires some technical knowledge. It’s also a bit risky, because if something unexpected happens (like a power outage), you can render your computer’s motherboard useless.

Intel has published a detection tool for Windows and Linux users that can help you determine if you are vulnerable to these flaws, but it won’t necessarily tell you exactly where you’ll need to go to get the update.

It’s unclear at this point on what AMD or Mac users should do as it pertains to firmware updates, so press releases are being monitored to see if clarity comes soon.

As this is a dynamic situation with lots of unanswered questions, information is being compiled and we will be emailing anyone who wants suggestions once all of the updates have been clearly articulated.

Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question on Facebook or Twitter.

Federal News Network Logo
Log in to your WTOP account for notifications and alerts customized for you.

Sign up