How to Protect Windows From Meltdown and Spectre Security Threats
Pinterest Stumbleupon Whatsapp
Advertisement

So much for a new year meaning a fresh start. 2017 brought us security vulnerabilities such as WannaCry ransomware How to Unlock WannaCry Ransomware Without Paying a Cent How to Unlock WannaCry Ransomware Without Paying a Cent If you've been hit by WannaCry, all your files are locked away behind a high price. Don't pay those thieves -- try this free tool to unlock your data. Read More and the Equifax hack How to Check If Your Data Was Stolen in the Equifax Breach How to Check If Your Data Was Stolen in the Equifax Breach News just surfaced of an Equifax data breach that affects up to 80 percent of all U.S. credit card users. Are you one of them? Here's how to check. Read More , but things haven’t got much better at the beginning of 2018.

We had only just finished welcoming in the new year when the next security bombshell hit the headlines. And it wasn’t only one flaw, but two. Nicknamed Meltdown and Spectre, the vulnerabilities originate from computer microprocessors. In terms of severity and number of people potentially affected, experts have likened them to 2014’s Heartbleed bug.

The bugs can attack all desktop operating systems, but in this article, we’re only going to focus on Windows. Let’s take a closer look at how the vulnerabilities work and how you can tell whether they have affected you.

Meltdown and Spectre: A Closer Look

Before we explain how to detect the two bugs on your own system, let’s take a moment to fully understand what the two vulnerabilities are and how they work.

The same group of security researchers were responsible for finding both the problems. At an elementary level, they are flaws in processor architecture (i.e. the transistors, logic units, and other tiny components that work together to make a processor function).

The flaw allows a would-be hacker to expose almost any data that a computer processes. That includes passwords, encrypted messages, personal information, and anything else you can think of.

windows meltdown spectre vulnerabilities security
Image Credit: jamdesign/Depositphotos

Meltdown only affects Intel processors. Worryingly, the bug has been present since 2011. It uses part of the out-of-order execution (OOOE) process to change the cache state of a CPU. It can then dump the contents of the memory when it usually would be inaccessible.

Spectre can attack Intel, AMD, and ARM processors, and can thus also affect phones, tablets, and smart devices. It uses a processor’s speculative execution and branch prediction in conjunction with cache attacks to trick apps into revealing information that should be hidden within the protected memory area.

Spectre attacks need to be customized on a machine-by-machine basis, meaning they are harder to execute. However, because it’s based on an established practice in the industry, it’s also harder to fix.

Is Your Windows PC Affected by Meltdown and Spectre?

You need to assume you are affected by Spectre and that there’s little you can do about it. More on that later in this article.

But what about Meltdown? Thankfully, Microsoft has published a handy PowerShell script Powershell Cmdlets That'll Improve Your Windows Admin Skills Powershell Cmdlets That'll Improve Your Windows Admin Skills Powershell is equal parts command line tool and scripting language. It gives you the ability to automate your computer via the same commands you use to administer it. Read More that you can run on your system. Follow the steps below and you can install and activate an additional module on your system. The results will indicate whether you need to take further steps.

First, run PowerShell as an administrator: press Windows key + Q or open the Start Menu, type PowerShell, right-click the first result (Windows PowerShell, desktop app) and select Run as administrator.

After PowerShell has loaded, follow these steps to find out whether your PC is affected by Meltdown. Note that you can copy-and-paste commands into PowerShell.

  • Enter Install-Module SpeculationControl and press Enter to run the command.
  • Confirm the NuGet provider prompt by entering a Y for Yes and hitting Enter.
  • Do the same for the Untrusted repository prompt.
  • When the installation has completed, type Import-Module SpeculationControl and press Enter.
  • Finally, type Get-SpeculationControlSettings and hit Enter.

windows meltdown spectre vulnerabilities security

After you have run these commands, check the output result for the results — it will be either True or False.

If you see only True messages, congratulations, you are protected and don’t need to take any further action. If a False pops up, your system is vulnerable, and you need to take further action. Be sure to note the suggested actions shown in the results. As shown in the screenshot above, our test computer requires a BIOS/firmware update and yet has to install a patch provided through Windows Update.

How Can You Protect Yourself?

Do you want the good news or the bad news? Well, the good news is you can protect yourself against Meltdown… sort of. The bad is that it’s not a permanent solution and your computer will see a performance hit. Oh, and the other bit of bad news? You can’t protect yourself against Spectre.

windows meltdown spectre vulnerabilities security

To the company’s credit, Microsoft moved quickly to issue a patch for Meltdown. You can find it through the Windows Update tool Windows Updates Are Set to Get Less Annoying Windows Updates Are Set to Get Less Annoying Under the new system, Windows 10 updates should be smaller in size, be downloaded more efficiently, and put less strain on your system resources. A change you probably won't even notice. Read More (Settings > Update & Security > Windows Update > Check of updates). You need to download and install patch KB4056892 for Windows build 16299.

Troublingly, the patch is incompatible with some antivirus suites. It only works if your security software’s ISV has updated the ALLOW REGKEY in the Windows registry.

You should also update your browser. Google has patched Meltdown in Chrome 64 and Mozilla has updated Firefox in version 57. Microsoft has even patched the latest version of Edge. Check with your browser’s developer if you use a non-mainstream app.

Lastly, you need to update your system’s BIOS How to Update Your UEFI BIOS in Windows How to Update Your UEFI BIOS in Windows Most PC users go without ever updating their BIOS. If you care for continued stability, however, you should periodically check whether an update is available. We show you how to safely update your UEFI BIOS. Read More and firmware. Some computer manufacturers include an app within Windows so you can quickly check for such updates. If your PC manufacturer didn’t supply one, or if you deleted it, you should be able to find updates on the company’s website.

What About Spectre?

It won’t be a satisfactory answer for many people, but the current advice is to sit tight. Meltdown is the more immediate threat and is the easier of the two bugs for hackers to exploit.

Because of the way Spectre works, fixing it will require companies to completely redesign the way they build processors. That process could take years, and it could be decades until the current iteration of processors is entirely out of circulation.

Given the number of devices affected — potentially billions — a recall is out of the question. We’ll just have to live with the threat of a Spectre attack for years to come.

Do Meltdown and Spectre Worry You?

It’s understandable to feel worried. After all, our computers quite literally hold the keys to our lives.

But it’s also important to take solace from the facts. You are highly unlikely to be the victim of a Spectre attack. The time and effort a hacker needs to put in for an unspecified return make you an unattractive proposition.

And the big tech companies have known about the two issues since the middle of 2017. They’ve had plenty of time to prepare patches and respond in the best way they are able.

Despite the facts, do the Meltdown and Spectre threats still worry you? You can let us know your thoughts and opinions in the comments section below.

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Johan Klos
    January 12, 2018 at 9:39 am

    The article is missing a step where the Execution Policy is changed.
    You will need to do:
    Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser
    before the import-module line.

    Source: https://support.microsoft.com/en-gb/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell

  2. Jim
    January 9, 2018 at 11:36 pm

    When I executed the "Import-Module SpeculationControl" I received the following in red text:

    PS C:\WINDOWS\system32> import-module speculationcontrol
    import-module : File C:\Program
    Files\WindowsPowerShell\Modules\speculationcontrol\1.0.3\SpeculationControl.psm1 cannot be
    loaded because running scripts is disabled on this system. For more information, see
    about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.
    At line:1 char:1
    + import-module speculationcontrol
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityException
    + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands.ImportModuleCommand

    I have a Dell Inspiron. So I can't run scripts on my system? Lame.

    • KwaK
      January 10, 2018 at 2:04 pm

      Look at it this way - your system is so secure that even the test failed.

      On a side note - I think it's complaining that it doesn't have admin rights - you might have to run the script or PowerShell as Administrator (right click on either one of them and the option should be there).

      • Jim
        January 10, 2018 at 3:31 pm

        Thanks KwaK. After I read the reference on scripts being disabled on my system, I had to first execute: set-executionpolicy allsigned -scope localmachine and then I was able to continue. Kindly, Jim

    • John Doe
      January 10, 2018 at 7:47 pm

      Type: "set-executionpolicy" (without the quot.marks) and press Enter. When the blinking prompt appears, type "Unrestricted" and confirm with "y". Now you'll be able to run scripts. When you finally finish your computer check, for your security you'd better revert back by typing "set-executionpolicy" and "Restricted" at the prompt.

  3. David Martchouk
    January 9, 2018 at 10:35 pm

    Notes I found regarding Windows 7 powershell: "the Install-Module command was introduced to PowerShell in version 5.0. Most Windows 7 machines will not have this version, due to the upgrades being optional and unrelated to security. Any machine with an outdated version of PowerShell can still run the Get-SpeculationControlSettings function below, however, as long as you can obtain the contents of the script and run it ad-hoc." from https://blog.barkly.com/meltdown-and-spectre-mitigation

    How do I "obtain the contents of the script"? lol

  4. Kenneth Ciszewski
    January 9, 2018 at 10:21 pm

    So I tried this on a Windows 7 Home Premium system and it doesn't recognize "Install-Module"???????

  5. John Doe
    January 9, 2018 at 5:58 pm

    Would it have been too much trouble for you to mention which Windows OS you have in mind when advising on Meltdown susceptibility check? Windows 7 is still supported by MS, and its PowerShell doesn't recognize the Install-Module command.