By now, you’ve almost certainly heard of the “Spectre” and “Meltdown” security flaws that affect every Intel chip produced in the last decade. Users have been waiting for a fix for both of these since January, when the issues were first discovered.
From the beginning, Microsoft agreed to include the fix for Spectre in its regular software updates but insisted that Intel and PC manufacturers would have to push the Meltdown fix on their own.
Unfortunately, the overwhelming majority of users are still waiting, and in the meantime, untold millions of machines are at risk. Intel’s first attempt at a fix was so spectacularly bad that the company urged users not to install it until a better fix could be rolled out.
Intel has since released an updated fix, but few users have taken advantage of it so far. The reason is because most users simply don’t know how. They’re not aware that they have to go to Intel’s website to manually download and install it, or wait for an OEM push, which could still be months away.
Given this reality and the extreme danger that Spectre poses, Microsoft has reversed course and agreed to make special Windows update releases that include the Spectre fix. The first such update, KB4090007, is now out and available to users.
There are two important caveats to be aware of, however:
- These special updates will not be delivered automatically. Users will have to go to the Windows Update Catalog and select the appropriate package, then run it on their computers
- The updates are available only for Windows 10, version 1709, and Windows Server, version 1709
- The currently available package (KB4090007) is meant for Intel Skylake CPU owners only. Additional packages will be released over the course of the next few months.