Intel releases update against spectre. How to go about it.
Indeed, last week was a terrible week for Intel on the recent security issues. The potential calamities was made known very much by Google when it warned about vulnerabilities affecting a huge array of processors made over the last couple decades, particularly ones from Intel. Called Meltdown and Spectre both exploits were recently disclosed by Google Project Zero, which issued its warning earlier than planned following a bunch of reports and bits of information working people up into a frenzy over the past couple days.
If you’re unaware of the issue, now is the time to start reading. The article to the right of this paragraph gives you a good launching point; you can also check out this and this to get an idea of what is going on, as well as statements from a few major companies. If you really want to get into the meat of the issue, there’s an academic paper on Meltdown here with all the technical details, and a similar one on Spectre here.
For its part, Intel has announced that both it and its partners “have made significant progress” in pushing out updates to deal with the two exploits. The company says that it is rapidly deploying these firmware updates and software patches for all varieties of Intel-based systems, including servers all the way down to typical personal computers.
These updates will “render those systems immune” to Spectre and Meltdown, according to Intel. Most of the Intel processor products launched over the past half-decade have already received updates. The company says that by the end of next week, it anticipates that more than 90% of its processor products from over the last five years will have received updates.
Big concerns surround the performance impact such updates will have on these products, though. Intel has stated in its most recent update that it “believe[s] that the performance impact of these updates is highly workload-dependent.” If you’re an average computer user, you don’t really have to worry, as the impact should be minimal and “mitigated over time.”
Fixes from other companies have already started rolling out, as we’ve previously noted. What can you do to protect yourself from these vulnerabilities? Assuming you’re a Windows user, you should head into “Update and Security” in your system’s settings menu and choose “Check for updates.” Install whatever updates are available, assuming your computer didn’t already automatically install them. Linux and macOS users should also install the latest security updates available for their systems.
Android users don’t need to worry, as fixes are already in place; the same goes for other Google products. In its most recent statement, Intel is recommending that users take advantage of their system’s automatic update functionality to ensure updates are installed ASAP. Furthermore, head over to the Meltdown Attack website and scroll to the bottom for direct links to security advisories, security centers, notes, and more from all the major relevant companies, including Google, Microsoft, Intel, ARM, AMD, and others.