Technical guide: Meltdown and Spectre security vulnerabilities


Meltdown and Spectre are two recently-disclosed vulnerabilities present in many modern CPUs. These vulnerabilities may allow an untrusted webpage or client process to completely compromise the computer.  Complete compromise could allow password theft, document theft, document deletion, malware installation, and other malfeasance.

This document contains technical information about the scope, impact, and mitigation of these vulnerabilities.


Vulnerability Impact table

CPU Vendor Meltdown Spectre
Intel Information disclosure, privilege escalation Information disclosure
AMD No vulnerability identified at this time Information disclosure (low risk)
ARM No vulnerability identified at this time Information disclosure
Others See list here:


For full mitigation, users may need all of the following:

  1. BIOS/UEFI update
  2. OS Update
  3. Application update


BIOS/UEFI update

BIOS/UEFI is the motherboard-level machine code that runs before the OS starts. This code determines which storage device to boot from, which optional hardware should be enabled, which video card to initialize first, and other pre-OS configuration settings.  This functionality is also know as "Firmware" or "CMOS setup".  Computer manufacturers are aware of the issue and are working on new BIOS/UEFI updates, but may not have "fixed" code for all models at the moment.  BIOS updates that address this issue should have date stamps after Jan 3rd, 2018.

Note that using the wrong BIOS update can brick your computer.  BIOS updates should be performed by staff who are familiar with (or responsible for) the computer's hardware.

BIOS/UEFI code for Intel CPUs are affected by both Meltdown and Spectre. 
BIOS/UEFI code for AMD CPUs is not currently known to be affected by Meltdown, but is partially vulnerable to Spectre.


AMD Athlon CPU Note

Computers with AMD Athlon processors (pre-2006) may not be compatible with the Windows Update for Meltdown.  Windows users with AMD Athlon Processors should not apply the Jan 3rd update at this time.  We will update this guidance as the situation develops.


OS Updates


Windows Version KB Number
Win10 1709 Fall Creators Update 4056892
Win10 1703 Creators Update 4056891
Win10 1607 Anniversary Update 4056890
Win10 1511 4056888
Win10 Original Edition 4056893
Win 8.1 4056895
Win 7 4056894

Other Windows versions (including server versions) are addressed here:


  • Mac users should update to macOS 10.13.3 today (High Sierra update 3)

RedHat Linux

Other OSes


Application Updates






Article ID: 45829
Fri 1/5/18 9:42 AM
Wed 1/31/18 12:14 PM