What’s the Deal with Meltdown and Spectre?


January 5, 2018

It’s not even a full week into the new year, and we’ve got two brand spanking new security threats knocking on our door. They’re named Meltdown and Spectre, and they’re here to ruin not just your day but everybody who’s bought a device with a microprocessor in it.

Both exploits take advantage of flaws in the microprocessors that would allow would-be hackers to steal personal information and passwords right off your device.

So what devices are affected by these exploits? Meltdown affects Intel-powered machines while Spectre goes after processors from AMD and ARM. That means basically everything is vulnerable to this destructive double-team.

How do they work?

Both flaws target the way processors handle “speculative executions.” The vulnerability allows hackers to scope out your machine and poke around its memory for things like passwords, encryption keys and pretty much anything else they might want to look at on there.

So is the sky falling? Nope, well at least not yet. There’s still no long-term solution to the problem, but there are some steps you can take to make sure your devices stay safe.

How to protect yourself from Meltdown:

Good news! Microsoft, Apple, Google, and Mozilla have all released patches that have, they claim, taken care of meltdown.


Updates have already pushed to Windows 7 and Windows 10 users. A patch for Windows 8 is in the works and consumers should see it soon. Microsoft notes some users are having trouble installing the patches and recommends you disable your antivirus momentarily (if you’ve got any of the nasty stuff on your machine) before trying to implement the security update.


Ugh, the man in Cupertino’s been busy lately (doing what exactly we don’t know, maybe improving their Quality Assurance workflows), but a fix for Macs is scheduled to appear in macOS 10.13.3. I don’t know when that’s going to be released, but I assume it’ll be relatively soon.

Google and Everybody Else

Google and Mozilla both have either updated their browsers or are planning to do so shortly. If you’re one of the last ten people using Firefox, you can download the latest version now. If you’re a Chrome user like almost everybody else, you can expect an update to drop on January 23.

Google’s also released a system update for Android users. If you’re using stock OS, you should have it already. If not and your software is solicited to you at the whim of the device manufacturer, you might have to wait.

How to Protect Yourself From Spectre:

As of right now, this very moment…it’s not exactly clear that you can.

It’s a lot harder to defend yourself against Spectre. There aren’t any patches out there that’ll do the job for you. It’s starting to look like the only real fix will be to redesign the way operating systems function or microprocessors built.

Yeesh. We know that’s not a great answer. Things are still developing, and we’ll get better information out to you ASAP when it becomes available. 

Carl Keyser is the Content Manager at Integris.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...