Microsoft has rolled out a patch for the Meltdown bug as a Windows update. This patch will effectively nullify the threat posed by this bug however, Spectre is still out there. The security patches released by Microsoft alone are not enough to protect you against it. You will likely also need to upgrade your BIOS once your PC manufacturer releases a new version. There are different patches and fixes involved in order to fully protect against Spectre and you might only have some of them in place. Here is how you can check if your Windows PC is vulnerable to Spectre, and what you can do to mitigate against it.
This will require administrative rights on your system. You will need to install a module called SpeculationControl. Open PowerShell with administrative rights and enter the following;
You may be prompted to install the NuGet provider. If so, type Y to continue and then run the above command again. If you see a warning saying you’re installing a module from an unknown repository, type Y to continue.
Now that the module is installed, it’s time to check if your Windows PC is vulnerable to Spectre, and how vulnerable it is. Type the following in PowerShell and then scroll to the end to view the summary.
Every ‘False’ in the summary indicates a vulnerability. Every ‘True’ shows that you’re protected from that particular service/component being exploited.
You can read the rest of the report for suggestions to improve protection on your PC. For my system, it advised I update BIOS which means my system’s manufacturer needs to release an update for it that I then have to install.
BIOS Updates & System Updates
BIOS updates and system updates aren’t delivered the same way. System updates will all be delivered via Windows updates unless of course you’ve disabled them. If you have, now is a good time to enable them again, or to manually install the patches that Microsoft has made available.
BIOS updates will not be delivered via Windows. You will install them via your OS but the OS itself will not look for, and download the update. Instead, you need to visit your manufacturer’s website e.g. Dell or HP or Acer, and look for driver updates for your desktop or laptop model. Don’t second guess what model you have. Most manufacturers have a code for every system they sell. The code helps identify the system immediately. Look at the bottom or back of your system for a sticker with the code and use it to check for any BIOS updates that might be available.