Riseup Security Bulletin
- The first flaw, called "Meltdown," affects nearly all Intel CPUs and has been fixed with updates to most operating systems.
- The two other flaws, called "Spectre," apply to nearly all CPUs built in the last 20 years, not just Intel, although they are more difficult to exploit. There are no permanent fixes for Spectre available at this time, although if you update your software you will make these attacks much less likely. You should take both these steps now, for all your devices: (1) Upgrade your web browser (see below). These fixes make the new attacks against CPUs more much difficult. (2) Upgrade your operating system. There are updates available for Windows, macOS, and GNU/Linux that fix the Meltdown vulnerability for Intel CPUs and provide some mitigations for Spectre. Additionally, new releases of iOS and Android have mitigations for Spectre. Better fixes will continue to arrive in the next weeks/months for your operating system and software. Please keep your system up to date!
For Windows 10, you must first upgrade any anti-virus software before upgrading Windows. Failure to do so may make your computer stop working.  To upgrade Windows 10:
Select the Start button, and then go to Settings > Update & security > Windows Update, and select Check for updates. Now is a good time to enable automatic updates: Select the "Start" button, then select "Settings" > "Update & security" > "Windows Update" > "Advanced options" and then under "Choose how updates are installed", select "Automatic (recommended)". If you are running Windows 7 or 8, an update is also available.
If you already have macOS version 10.13.2 then you are protected against Meltdown . Otherwise, to upgrade macOS:
Open the App Store app on your Mac. Click "Updates" in the App Store toolbar, then use the "Update" buttons to download and install any updates listed. Now is a good time to check enable automatic updates: Select the Apple menu, then select "System Preferences" > "App Store" > "Automatically check for updates". Apple plans to soon release an update to Safari browser to provide some mitigation against Spectre.
Apple has said that iOS is affected by Spectre, and an update to mitigate against most of the new attacks has been released. If you have iOS version 11.2 or later, then you are good . To check for new updates, go to Settings > General > Software Update.
The bad news is that Android is vulnerable to Spectre and unless you have a Google-branded phone or run a custom firmware you might not get an update for months, if ever. However, the consensus among security researchers at the moment is that the Spectre attack is difficult enough that there are probably easier ways to compromise an Android device. Yeah? There is one thing you can do now to make your Android device more safe against these new CPU attacks:
- Turn on "site isolation" in Chrome: https://support.google.com/chrome/answer/7623121?hl=en
- Upgrade Chrome Browser after Jan 23.
- Alternately, use Firefox for Android.
Run "Software Center" or "Software Updater." Alternately, open a terminal and type: sudo apt update sudo apt upgrade sudo reboot
Open a terminal and type: sudo dnf --refresh update kernel sudo reboot Stay safe, keep strong, The Riseup Birds  https://www.mozilla.org/en…/security/advisories/mfsa2018-01/  http://www.theregister.co.uk/…/microsoft_windows_patch_mel…/  https://support.apple.com/en-us/HT208394