Protecting your PC from Meltdown and Spectre

As you’ve likely heard by now, two significant cybersecurity vulnerabilities — frequently referred to as Meltdown and Spectre — have been uncovered by researchers.

Normally when news breaks about a cybersecurity vulnerability, it is related to software flaws. This time, we’re talking about hardware. Specifically, the CPUs inside many PCs and smart phones.

Meltdown and Spectre have the potential to let attackers steal sensitive data, including passwords and personal information, from a PC’s kernel memory.

Intel, a CPU manufacturer affected by the vulnerabilities, recently released an FAQ that says the exploits were uncovered by researchers and replicated by Intel, however there is currently no indication they’re being used yet by attackers.

That said, it is important for everyone to take steps now to help make sure hackers cannot take advantage of the flaws and steal information from your devices.

Here are some actions to consider:

• Update your anti-virus software, as a first step in your patching process. Researchers have said attackers need to install malware on your computer to take advantage of the CPU flaws, so it’s important to have antivirus software running and keep it current.
• Update your operating systems. The makers of major operating systems have already released patches to address the Meltdown flaw.
• Update your browsers.
• In addition, Intel has released a detection tool for Windows and Linux users to determine if your processor needs a firmware update.

We will update this article as more information becomes available. Also, please check our other articles at cybersecurity.wa.gov for more general advice on how to secure your home network and how to stay safe online. We also have a flyer with cybersecurity tips you can download.

Sincerely,

Agnes Kirk, Washington State Chief Information Security Officer

Ph: 1.888.241.7597 or cybersecurity@ocs.wa.gov