There are a pair of security flaws present in nearly every device you’ve got that could allow hackers to steal information like passwords and other personal information. The exploits, Spectre and Meltdown, take advantage of actual flaws in the design of your device’s microprocessor.
Image credit: Handout/Getty
Your computers, smartphones, and other devices might be affected or slowed down for years to come, but there are already patches available from companies to protect yourself at least partially from the immediate threat while a long-term solution is figured out.
How Spectre and Meltdown Work
The processor vulnerabilities, Meltdown and Spectre (the latter being a pair of two similar vulnerabilities), essentially target the way processors optimise certain actions, a function known as “speculative execution”. That vulnerability allows them to see the memory (including personal information) inside other programs and services down to the core of the operating system.
Your antivirus isn’t gonna fix that. The Meltdown flaw mostly affects Intel-powered machines like your desktop or MacBook, while the Spectre flaw affects processors from AMD and ARM. That means your smartphone is also likely affected by the processor flaw.
How to Protect Yourself From Meltdown
The Meltdown flaw, luckily, is already being patched by companies like Microsoft and Google. To ensure you’re up to date, follow the instructions for your operating system.
Microsoft: Microsoft has already released an update for Windows 10 patching the vulnerability and is releasing patches for Windows 7 and Windows 8 soon. If you’re having trouble installing the automatic security update, Microsoft suggests your anti-virus might be the culprit.
If so, turn off your anti-virus program and use Windows Defender or Microsoft Security Essentials (or edit your registry if you’re confident you won’t mess it up). If you’re on Windows 10, chances are you’ve either automatically downloaded the update, or are scheduled to update on a set schedule.
Advanced users can check if they’re affected by running Microsoft’s verification test in your command line.
Browsers: Google Chrome, Mozilla’s Firefox, and Microsoft Edge have all updated or scheduled updates to patch the security flaw. You can update Google Chrome to its latest, patched version on January 23, or download Firefox’s latest update.
Android: Android users running the most recent version of the mobile operating system are protected, according to Google.
How to Protect Yourself From Spectre
While you can protect yourself from Meltdown, it’s harder to defend against the more invasive Spectre flaw. According to researchers involved in discovering and reporting on the two exploits, software updates to patch particular flaws in Spectre are possible, though none are available yet, or are able to address the exploit completely without a redesign of the operating system and the microprocessor itself.