What’s the Deal with Meltdown and Spectre?


January 5, 2018

It’s not even a full week into the new year, and we’ve got two brand spanking new security threats knocking on our door. They’re named Meltdown and Spectre, and they’re here to ruin not just your day but everybody who’s bought a device with a microprocessor in it.

Both exploits take advantage of flaws in the microprocessors that would allow would-be hackers to steal personal information and passwords right off your device.

So what devices are affected by these exploits? Meltdown affects Intel-powered machines while Spectre goes after processors from AMD and ARM. That means basically everything is vulnerable to this destructive double-team.

How do they work?

Both flaws target the way processors handle “speculative executions.” The vulnerability allows hackers to scope out your machine and poke around its memory for things like passwords, encryption keys and pretty much anything else they might want to look at on there.

So is the sky falling? Nope, well at least not yet. There’s still no long-term solution to the problem, but there are some steps you can take to make sure your devices stay safe.

How to protect yourself from Meltdown:

Good news! Microsoft, Apple, Google, and Mozilla have all released patches that have, they claim, taken care of meltdown.


Updates have already pushed to Windows 7 and Windows 10 users. A patch for Windows 8 is in the works and consumers should see it soon. Microsoft notes some users are having trouble installing the patches and recommends you disable your antivirus momentarily (if you’ve got any of the nasty stuff on your machine) before trying to implement the security update.


Ugh, the man in Cupertino’s been busy lately (doing what exactly we don’t know, maybe improving their Quality Assurance workflows), but a fix for Macs is scheduled to appear in macOS 10.13.3. I don’t know when that’s going to be released, but I assume it’ll be relatively soon.

Google and Everybody Else

Google and Mozilla both have either updated their browsers or are planning to do so shortly. If you’re one of the last ten people using Firefox, you can download the latest version now. If you’re a Chrome user like almost everybody else, you can expect an update to drop on January 23.

Google’s also released a system update for Android users. If you’re using stock OS, you should have it already. If not and your software is solicited to you at the whim of the device manufacturer, you might have to wait.

How to Protect Yourself From Spectre:

As of right now, this very moment…it’s not exactly clear that you can.

It’s a lot harder to defend yourself against Spectre. There aren’t any patches out there that’ll do the job for you. It’s starting to look like the only real fix will be to redesign the way operating systems function or microprocessors built.

Yeesh. We know that’s not a great answer. Things are still developing, and we’ll get better information out to you ASAP when it becomes available. 

Carl Keyser is the Content Manager at Integris.

Keep reading

Updating Your Bank’s Security Training for the Age of AI

Updating Your Bank’s Security Training for the Age of AI

How much could AI-driven models like Copilot for M365, Google Gemini, or Apple Intelligence improve the productivity at your bank? The jury is still out on that one, but initial experiments place the overall AI-driven productivity gains for the US economy at between 8...

What to Know Before Installing Co-Pilot for Microsoft Word

What to Know Before Installing Co-Pilot for Microsoft Word

Imagine having an AI assistant that pulls from your notes, marries them to an existing document format, and writes a document for you. That's the power of Copilot for Microsoft Word, which is planned for rollout in 2024 for those who buy the Copilot M365 license....

Bridging the Gap between Automation and Innovation

Bridging the Gap between Automation and Innovation

Automation and Innovation. Some people might say those two words cancel each other out. Yet, I believe these two concepts can create capacity for each other—if your business leverages the free time automation creates to foster innovation. Automation can be...