At the beginning of this year, two major vulnerabilities were discovered affecting millions of Intel, AMD and ARM CPUs. The vulnerabilities, known as Spectre and Meltdown, affect various devices ranging from desktops, laptops, cloud servers, and even smartphones running on either Windows, Android, Chrome OS, iOS or MacOS.
Despite these vulnerabilities being around for a couple of months, there are no reports of them being used to attack customers. For those who don’t know about the vulnerabilities, Spectre allows attackers to target a specific programme and possibly fish for data such as passwords. Meltdown, on the other hand, allows a program to access the memory of other programmes and the operating system thus making it possible to “steal” information from them.
Security analysts have termed these two vulnerabilities as catastrophic if an attack was to be executed, especially due to the huge numbers of devices involved. For this reason, Microsoft and Intel have released the first batch of security updates that are meant to deliver fixes to Spectre and Meltdown.
“Microsoft continues to work diligently with our industry partners to address the Spectre and Meltdown hardware-based vulnerabilities. Our top priority is clear: Help protect the safety and security of our customers’ devices and data,” said John Cable, Director of Program Management, Windows Servicing and Delivery.
“Today, Microsoft will make available Intel firmware updates, initially for some Skylake devices running the most broadly installed version of Windows 10 — the Windows 10 Fall Creators Update — through the Microsoft Update Catalog,” he added.
For those running Intel 6th Generation processors and are on Windows 10 Fall Creators Update, you are advised to update your devices, or you could just download the patch directly from Windows Website. The rest of humanity will have to wait a little longer to have Spectre and Meltdown security patches delivered to us.