How to protect the computer against Meltdown vulnerability on CPU?
This article is in the series: Overview of vulnerabilities on Intel, AMD, ARM chips: Meltdown and Specter. Please read all the articles in the series to get information as well as take steps to protect your device against these two serious security holes.
As detailed information on two serious security holes on the processor gradually cleared up, companies are trying to release security patches.
Named Meltdown and Specter, these two errors affect almost every device produced in the last two decades . Meltdown only on Intel chips and researchers have also released PoC code describing the attack exploiting this error.
The vulnerability allows an attacker to take over the memory process on the processor by exploiting parallel processes. Attackers can use JavaScript code to run on the browser and access the memory of processes on the machine. From there, users can lose many important data.
Researchers have shown that it is easy to attack on Linux, and Microsoft claims there has been no case of exploiting a vulnerability on Windows. The protection of Windows PC so far is not simple because there are many unknowns.
Microsoft, Google and Mozilla both released patches for their browser. Firefox 57, Internet Expolorer and Edge on Windows are all patched. Google will release a patch on Chrome 64, released on January 23. Apple hasn't said specifically about the plan to patch Safari or even macOS. Overall, Chrome, Edge and Firefox users only need to update automatically.
The OS is a bit more complicated. Microsoft has released an emergency security patch via Windows Update, but if you use antivirus software, you may not see it.
There is still a need to update firmware from Intel to protect the firmware and will be released through each OEM separately. Each OEM has its own release plan, with support information, so you should visit their website for details.
Computer protection requires the co-operation of both hardware and software
If you use a Windows PC or laptop, it is best to update to the latest Windows 10 and update BIOS from Dell, HP, Lenovo . Hopefully Microsoft or Intel will release a protection level test tool on both firmware and Windows. Only PowerShell is currently available. Here are some basic steps if you are not used to PowerShell:
- Update the latest version of Chrome or Firefox.
- Make sure to install Build KB4056892 on Windows 10 via Windows Update
- Check the OEM website for support information or firmware updates
The above steps only help protect against Meltdown. Specter is still unknown and security experts say it is also harder to exploit than Meltdown. Specter fix is also more complicated because of the need to redesign the processor and hardware changes. So maybe we will have to live with Specter for a few more years.
Please download the browser patches below.
- Firefox 57: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
- Internet Explorer and Edge: https://blogs.windows.com/msedgedev/2018/01/03/speculative-execution-mitigations-microsoft-edge-internet-explorer/#tpOa1SwmRDKibAxg.97
- Check security vulnerabilities with PowerShell: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
See more:
- Apple confirmed that all Mac and iOS devices are affected by Meltdown and Specter
- All you need to know about Meltdown and Specter - two dangerous vulnerabilities are present on billions of devices running Intel, AMD and ARM chips.
- Serious security vulnerability on Intel chips
You should read it
- This is a way to protect Linux Mint from Meltdown and Specter
- Origin of the name and logo of Meltdown and Specter - Melting and Ghosts
- Bkav released a free detection tool for Meltdown and Specter
- List of links to download BIOS updates for Meltdown and Specter
- Intel claims: New security updates help the computer to be 'immune' to Meltdown and Specter
- PC with Skylake and Kaby Lake CPUs failed to restart automatically after installing Meltdown & Specter patch
- Apple confirmed that all Mac and iOS devices are affected by Meltdown and Specter
- Microsoft released a series of non-bootable patches for Windows 10 on PCs with AMD chips
May be interested
- Intel claims: New security updates help the computer to be 'immune' to Meltdown and Specterintel claims that its new security patches will help the computer be immune to two extremely serious security bugs, attracting users' attention during the past two days: meltdown and specter. also in this statement, the company confirmed that by the end of the week, 90% of computers will be protected.
- Microsoft released an update for Surface, protecting it from Meltdown and Spectermicrosoft has released a number of updates to protect the surface tablet against two serious security holes on the cpu.
- 2 AAG and APG fiber optic cable routes and intermittent interrupt this weekend, Internet connection from Vietnam to international will be affectedin 2 days 6 - 7 january 2018, both aag and apg submarine cable lines will temporarily interrupt communications due to relocation and reconfiguration of the system. therefore, internet connection from vietnam to international will be affected.
- Intel CEO sold all shares right after revealing security flawsintel gave no further explanation as to why krzanich sold all such shares.
- Google's CPU patch will not have much impact on the device thanks to new technologyfinally there is some good news for chip makers.
- Error on CPU seriously affects cloud storage servicescloud patching platforms are very fast, but the hardest part is still there.