Get ready to patch every piece of computing gear in your home and company to deal with this CPU nightmare.
You can’t get away from Meltdown and Spectre. These chip bugs will make your life miserable. Everything you run — and I mean everything — PCs, Macs, iPhones, tablets, cloud computing, and servers — use vulnerable CPUs. Apple, Linux developers, and Microsoft have all released patches. And all of them will slow down at least some of your programs.
While Intel gets most of the heat for these hardware vulnerabilities, it’s not alone. According to Red Hat, ARM, IBM System Z, POWER8 (Big Endian and Little Endian), and POWER9 (Little Endian) processors are all open to attack. AMD claims its chips are largely invulnerable, but it concedes there’s a near zero — but not zero — risk of exploitation from one class of attack.
So, what does that mean for you? Here’s what the experts say you can expect from your devices and services.
DESKTOPS, SMARTPHONES, AND OTHER END-USER DEVICES
To protect your Linux, macOS, or Windows PC, patch it. Now.
Linux patches are out for some, but not all, systems. Red Hat, Centos, and Fedora all have patches. SUSE has released SUSE Linux Enterprise (SLE) patches. Ubuntu and related distributions had scheduled patches to be out on Jan. 9. Now that the news is out, their developers are pushing the fixes out as fast as possible.
On Windows PCs, Microsoft pushed an emergency patch out on Jan. 3. If you didn’t get it, go to Start > Settings > Update and Security > Windows Update. Then, click the Check now button under “Update status.” You can also just search for “Windows Update.” This works on Windows 7 and Windows 8, too.
For Apple systems, iOS 11.2, macOS 10.13.2, and tvOS 11.2 come with patches. Unlike Microsoft, Apple has yet to release patches for older versions of its operating systems.
Android patches were included in 2018’s first security patch pack. Unfortunately, only the newest Nexus and Pixel devices have received these so far. Chrome OS users with version 63 are protected. This update was pushed out on Dec. 15, 2017. This fix won’t be ported to older versions of Chrome OS. If you’re still using an out-of-support Chromebook, it may be time to finally retire it.
Regardless of what computer you’re using, you should be wary of JavaScript.
Richard Morrell, CTO and security lead of Falanx Group Ltd (LON:FLX), a cyber defense company, said in a technical note to customers [sic], “Amazon, Rackspace, and Verizon along with Microsoft are rebooting swathes of their infrastructure during Friday – Sunday 5th – 8th January. If you are a cloud customer of any provider please seek clarification from your provider. The changes may affect your application performance and your DevOps/Agile leads should consult your vendor to determine if they expect impact at this time.”