Pragmatism for Spectre and Meltdown

Disclaimer: This is general advice only and you must get your own advice for your particular situation and do your own risk assessment.

Spectre and Meltdown are obviously very real threats that could result in some very nasty outcomes. There are Wikipedia articles explaining both, along with many other articles on the web, but what can you do about it? Of course you should follow the advice of your various hardware and software vendors; particularly vendors of network devices, servers, and operating systems. However, you can also act now by updating your anti-virus/anti-malware protection. In fact, in many cases this is the first thing you should do; before applying other updates. This is because your anti-virus software could see other patches as an attack.

As of the 8th of January most major vendors of these products are supporting the fix for Microsoft OS [note that devices running Microsoft are just one group of devices affected]. Microsoft won't apply the fix unless it detects the presence of a registry key change. Antivirus vendors who already have an update available include major companies like Kaspersky, ESET, AVG, and Microsoft.

Microsoft sums up the approach for protecting Microsoft OS well in this article: https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown

Importantly, they make the following note " Customers who only install the January 2018 Windows operating system security updates from Microsoft will not be fully protected against the vulnerabilities. Antivirus software updates should be installed first. Operating system and firmware updates should follow."

All major vendors are working furiously to address the Spectre and Meltdown vulnerabilities, so keep up-to-date with what your specific vendors are doing, and don't forget your antivirus!