Meltdown and Spectre computer vulnerabilities affect HIPAA Covered Entities and Business Associates. Every computer, phone, and tablet is impacted. Take these steps to protect yourself and update your systems.
Previous Articles In This Series:
- Meltdown & Spectre Part I: What Are They?
- Meltdown & Spectre Part II: Impacts to Healthcare Organizations
When we discuss checking and updating your computer against the Meltdown and Spectre vulnerabilities, we are really talking about two levels of updates. The first is checking and updating your system itself, that is, the firmware and operating system. The second level is checking and updating key software applications that are vulnerable to these and other attacks.
If you have an IT Department or contract with an IT Managed Services Provider that maintains your computers for you, performs regular patching, etc., then do not do any of this yourself. Check with them to make sure they have taken care of it. Any good IT Managed Services firm would already be on top of these well-publicized vulnerabilities.
Step 1: Check If Your System Is Vulnerable
Though Microsoft and a number of others have put together tools for checking if your computer is still vulnerable to Meltdown and Spectre, by far the easiest to use is a program called “InSpectre” created by respected security researcher and software engineer Steve Gibson. This free program doesn’t need to install on your system. Just run it to quickly and clearly find out your status.
-
- Download InSpectre from the Gibson Research Corporation website here.
- Go to your Downloads folder (or wherever you saved it) and run the program. InSpectre will quickly give you unambiguous results, like this:
- If your results are three greens — “YES… YES… GOOD” — then congratulations, your system is protected from Meltdown and Spectre! You can skip the “Updating your System” step below and go straight to Step 3: Checking and Updating Key Software Applications in Part IV of this series.
- If your results say “NO!” anywhere like mine did above, then continue to Step 2 below.
Step 2: Update Your System
In this step, we will go through updating your PC’s firmware and operating system. Firmware is the low-level programming instructions that tell your PC’s hardware (like the Central Processing Unit in this case) how to work.
Updating Windows
We’ll start with updating Windows before moving to the firmware. I’m using Windows 10 for this example, so things might look a little different if you are using Windows 7, 8, or 8.1.
If you are still using Windows XP or Vista, the steps below won’t be much help — instead, talk to an IT professional about upgrading to a newer operating system or setting up extra network protections around your XP/Vista machine(s).
-
- Open your Windows Settings from the Start Menu and select the Update & Security option.
- Under the heading Update status, make sure it says your device is up to date. If not, download and install any available updates.
- Under Update settings, click Advanced options. Make sure that “Give me updates for other Microsoft products when I update Windows” is checked. This ensures that Windows Update will also automatically update Internet Explorer, Outlook, Word, Excel, and other Microsoft applications.
In most cases, especially for Windows 10 users, Windows should be automatically taking care of these updates. If you don’t have automatic Windows updates turned on, we recommend doing so unless you have a specific reason not to.
Continue to Part IV of this series, where we will finish the process by updating your firmware and vulnerable applications.
