How to counter the Meltdown and specter security flaws

Unless you have been avoiding all news lately, you have no doubt seen or heard countless reports on two security flaws discovered in Intel, AMD and Arm processors. These, combined, affect pretty much everything built in the last 15 years or so. Without going into all the details, reports appear to indicate that the only real fix is a hardware replacement. The hardware fix isn’t available, so patches and fixes are being released to prevent someone from getting access to the process that accidentally leaks data.

Here are the fixes available and where to get them for the second week of January 2018

Phones

Apple iPhones:   Update to IOS 11.2.

Android Phones:  Unknown. Contact manufacturer.

Operating Systems

Windows:            Windows 10 automatic update has a fix.

IMPORTANT: AMD users have reported fatal failures with the Windows update!

Apple MacOS:     Update to  10.13.2

Linux:                  A patch is available. (Expect a performance impact)

VMware:              Update to 6.5u1 and apply a security patch.

Browsers

Google Chrome:   Update to the latest version

Firefox:                  Unknown.

 

BEFORE INSTALLING ANY PATCHES:

  • Make a FULL backup of the machine. We recommend Acronis and Veeam products.
  • We recommend waiting to make sure that the patches are stable. Any surprises could mean having to reinstall the operating system or resetting the device and potentially losing everything. If you have a large number of computers, run the patches on test machines to see how they react.

 

Don’t forget to get the latest firmware for all devices including:

  • Servers
  • Desktops
  • Laptops
  • Routers
  • Firewalls
  • Switches
  • Smart TVs
  • Wireless Access Points (Wifi APs)
  • Video cameras

As always, we welcome feedback and stories on how you faired with the updates.