On January 3, 2018, the Google Project Zero team reported they had discovered three variants of a hardware bug with important ramifications. You can read their blog post, Reading privileged memory with a side-channel.
The three variants are:
- Spectre (Variant 1): bounds check bypass - CVE-2017-5753
- Spectre (Variant 2): branch target injection - CVE-2017-5715
- Meltdown (Variant 3): rogue data cache load - CVE-2017-5754
Microsoft has released updates to help mitigate Meltdown and Spectre vulnerabilities.
Protect Microsoft Windows devices
To help mitigate your Windows devices:
- Update the Malwarebytes for Windows database.
- Open Malwarebytes for Windows.
- Click on Check for Updates to download the latest database update.
Minimum database version required is v1.0.3624.
- Install the latest Microsoft updates for your specific operating system:
- Install the latest updates for your browser.
For more information, refer to Microsoft's article Protect your Windows devices against Spectre and Meltdown.