It has recently been discovered that almost all Computers and Smart devices made in the last 20 years have 2 major security flaws which go by the name Meltdown and Spectre. Though it is extremely difficult to exploit these security flaws, it is still possible and hackers love a challenge, so make sure you follow the steps shown in this guide to drastically reduce your chance of falling victim to both Meltdown and Spectre.
Although both of these flaws are quite severe, Spectre is the worst of the two and has been discovered in almost every CPU available on the market, AMD, ARM, and Intel. What makes Spectre so bad is that it is a physical flaw, which can only be completely removed with a complete CPU redesign. In the meantime, until the hardware flaw is fixed, it is still possible to block access to the exploit on older and current model CPU’s using software patches.
Meltdown, on the other hand, is less dangerous on its own, however, when combined with Spectre allows for Spectre to be exploited far more easily. The good news is that although these flaws are physical in characteristics, software patches have already been released to fix the issue, with more under development for both Spectre and Meltdown. If you don’t patch your system as soon as possible you will be leaving yourself open for malicious individuals to steal your data, passwords, encryption keys, browser history, documents, emails etc. Below you will find a list of preventative measure you can take on Windows devices.
Note: You should also make sure your Google Services and Google Devices are also protected: How to Protect Google Devices, Android Devices and Google Services Against Meltdown and Spectre.
Meltdown and Spectre Protection For Windows 10.
The first and most important thing you can do to prevent any Meltdown or Spectre flaws on your system is update it to the latest version. The current safe versions for the latest major updates are listed below, though if you are using anything before Fall Creators 1709, you should update fully as soon as possible.
- Windows 10 version 1709 (Fall Creators) is getting update KB4056892
- Windows 10 version 1703 (Creators Update) is getting update KB4056891
- Windows 10 version 1607 (Anniversary Update) is getting update KB4056890
- Windows 10 version 1511 (November Update) KB4056888
- Windows 10 version 1507 (Initial Release) KB4056893
If you want to search for manual updates check out the Microsoft Update Catalog Page and enter the update codes into the search bar. (just make sure you pick the right update for your version of windows)
If you want to use the Automatic Update system open Settings go to Update & Security, then select Check For Updates.
Note: You will need to do the same for all Windows Surface Devices.
Update Device Firmware & BIOS Across All Your Devices.
The next thing you need to do is make sure is that your System BIOS is fully up to date and you have the latest Firmware versions available for your hardware. For BIOS and Firmware updates you will need to check your device manufacturer's website. For Surface device users, check out the link below to get the latest firmware updates from Windows.
Update Your Internet Browser and Enable Site Isolation to Protect Against Spectre and Meltdown. (Chrome, Firefox, Edge, Internet Explorer)
Once you have updated Windows, your BIOS, and your Firmware, it’s important to also update your Internet Browser. Microsoft Edge, Internet Explorer and Firefox Quantum have already released updates (no site isolation required). The Google Chrome version 64 update is due for release shortly, however, in the meantime, while you have version 63 it’s recommended to enable Site Isolation. If you aren't sure how to enable Site Isolation on Google Chrome, check out the guide below. You will also need to enable Site Isolation if you are using Opera, again a link showing you how can be found below.