This article discusses the impact of the recently disclosed processor vulnerabilities, named “Spectre” and “Meltdown,” for Windows customers and provides resources to help keep your devices protected at home, at work, and across your enterprise.
Summary
Microsoft is aware of new vulnerabilities in hardware processors named “Spectre” and “Meltdown”. These are a newly discovered class of vulnerabilities based on a common chip architecture that, when originally designed, was created to speed up computers. The technical name is “speculative execution side-channel vulnerabilities”. You can learn more about these vulnerabilities here and here.
Who is affected?
Affected chips include those manufactured by Intel, AMD, and ARM, which means all devices running Windows operating systems are potentially vulnerable (e.g., desktops, laptops, cloud servers, and smartphones). Devices running other operating systems such as Android, Chrome, iOS, and MacOS are also affected. We advise customers running these operating systems to seek guidance from those vendors.
At this time of publication, we have not received any information to indicate that these vulnerabilities have been used to attack customers.
Protections we’ve provided to date
As of January 3, 2018, Microsoft released several updates to help mitigate these vulnerabilities and help protect customers. We have also deployed updates to secure our cloud services and Internet Explorer and Microsoft Edge browsers. We are continuing to work closely with industry partners including chip makers, device manufacturers, and app vendors.
What steps should I take to protect my devices?
You will need to update both your hardware and your software to address this vulnerability. This includes firmware updates from device manufacturers and, in some cases, updates to your antivirus software as well.
To receive all available protections, follow these steps to get the latest updates for both software and hardware:
Note: Before your begin, make sure your antivirus (AV) software is up to date and compatible. Check your antivirus software manufacturer's website for their latest compatibility information.
Note: Customers who only install the January 2018 Windows operating system security updates from Microsoft will not be fully protected against the vulnerabilities. Antivirus software updates should be installed first. Operating system and firmware updates should follow.
- Keep your Windows device up to date by turning on automatic updates.
- Check that you’ve installed the January 2018 Windows operating system security update from Microsoft. If automatic updates are turned on, the updates should be automatically delivered to you, but you should still confirm that they’re installed. For instructions, see Windows Update: FAQ
- Install available hardware (firmware) updates from your device manufacturer. All customers will need to check with their device manufacturer to download and install their device specific hardware update. See below for a list of device manufacturer websites.
Resources
Depending on your role, the following support articles will help you identify and mitigate client and server environments that are affected by the Spectre and Meltdown vulnerabilities.
- Microsoft Security Advisory: MSRC ADV180002
- Intel: Security Advisory
- ARM: Security Update
- AMD: Security Information
- Microsoft Secure blog: Understanding the Performance Impact of Spectre and Meltdown Mitigations on Windows Systems
- Consumer Guidance: Protecting your device against chip-related security vulnerabilities
- Antivirus Guidance: Windows security updates released January 3, 2018, and antivirus software
- Guidance for AMD Windows OS security update block: KB4073707: Windows operating system security update block for some AMD based devices
- Surface Guidance: Surface Guidance to protect against speculative execution side-channel vulnerabilities
- IT Pro Guidance: Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
- Edge Developer Blog: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer
- Server Guidance: Windows Server guidance to protect against speculative execution side-channel vulnerabilities
- Server Hyper-V Guidance
- Azure Blog: Securing Azure customers from CPU vulnerability
- Azure KB: KB4073235: Microsoft Cloud Protections Against Speculative Execution Side-Channel Vulnerabilities
- Azure Stack guidance: KB4073418: Azure stack guidance to protect against the speculative execution side-channel vulnerabilities
- SQL Server guidance: KB4073225: SQL Server Guidance to protect against speculative execution side-channel vulnerabilities
- SCCM guidance: Additional guidance to mitigate speculative execution side-channel vulnerabilities
Read more: https://support.microsoft.com/en-us/help/4073757/protect-your-devices-against-spectre-meltdown
My Computer
At a glance
64-bit Windows 11 Pro for WorkstationsIntel i7-8700K OC'd to 5 GHz64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600...ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Self built custom
- OS
- 64-bit Windows 11 Pro for Workstations
- CPU
- Intel i7-8700K OC'd to 5 GHz
- Motherboard
- ASUS ROG Maximus XI Formula Z390
- Memory
- 64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
- Graphics Card(s)
- ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
- Sound Card
- Integrated
- Monitor(s) Displays
- 2 x Samsung Odyssey G7 27"
- Screen Resolution
- 2560x1440
- Hard Drives
- 1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
- PSU
- Seasonic Prime Titanium 850W
- Case
- Thermaltake Core P3
- Cooling
- Corsair Hydro H115i
- Keyboard
- Logitech wireless K800
- Mouse
- Logitech MX Master 4
- Internet Speed
- 2 Gb/s Download and 100 Mb/s Upload
- Antivirus
- Malwarebyte Anti-Malware Premium
- Browser
- Google Chrome
- Other Info
- Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone