How to Protect Your PC Right Now From Intel’s Latest VulnerabilityMay 15, 2019
Who doesn’t love hearing news that a new vulnerability in one of their computer’s key components—the CPU that powers the whole thing—could allow an attacker to steal critical data (like your passwords or your encryption keys) directly from your processor? It’s always a fun day when that happens. Thankfully, the fixes for Intel’s recently announced vulnerability—yes, it’s Intel again—couldn’t be easier.
In fact, you don’t really have to do anything, since your Mac, Windows, or Chromebook computer should automatically update according to how you’ve set that up in your operating system. And while it’s unlikely that some random person is going to target you with the new ZombieLoad attack, as it has been cleverly titled, it never hurts to be proactive when an issue of this magnitude causes all of the major tech companies to quickly release a flurry of patches.
Or, to put it another way, don’t wait for the update to load itself. Update your system right now. While you’re doing that, check to make sure that automatic updates are working exactly as you’re expecting them to.
Microsoft Windows 10
Click on the Start button and start typing the word “Update.” As soon as the “Check for updates” option pops up, click that. (This should be familiar territory to anyone who has used a Windows PC since, oh, ever.) Windows 10 should automatically start checking to see if there are any new updates for your system. Whatever it finds, it should automatically start downloading and installing—at least, that’s how I’ve set up my system.
You’ll probably have to restart your PC, too, so make sure you’re at a decent stopping point once Windows lets you know that it’s almost ready to complete the updating process. (You can also check for yourself while the updates download and install—if you see a “pending restart” for status, get ready to do that once all your other updates have finished installing.)
Setting up automatic updates and other options
While you’re here, take a little time to make sure that Windows’ updates work exactly how you want them to—even if you already think you’ve set this all up. (I just recently found that my updates weren’t set to automatically download, even though I know I set up that feature some time ago.)
Change your Active Hours to ensure that updates aren’t bugging you when you’re trying to work—mandatory resets for those updates, specifically. Within Windows Update’s Advanced options, I like to tweak a few settings:
- Enable getting updates for other Microsoft products when you update Windows (never hurts!).
- Enable automatic downloads of updates (why not?).
- Enable the option to show a notification on your PC whenever an update requires a restart.
I also recommend clicking on Delivery Optimization at the bottom of the Advanced options window. There, you’ll be able to enable downloads from other PCs on your network—a useful way to speed up your updates—as well as other PCs on the internet. (If you go the latter route, make sure you click Advanced options on this screen and adjust your upload settings so you aren’t using up all of your bandwidth by sending random strangers Windows updates.)
Bonus updating: Windows XP
For those of you still clinging to Microsoft’s ancient operating system, Windows XP, you can’t trust Windows Update to give you critical security patches for your system. The operating system is on end-of-life status, which means Microsoft doesn’t release automatic updates for the OS anymore.
You’ll want to bookmark this page and check back from time to time to see if there are any critical updates you’ll need to install manually. And it just so happens that there’s one right now, recently released, that fixes a wormhole vulnerability in Remote Desktop Services. That’s not related to the Intel mess I previously mentioned, but it isn’t an update you should ignore, either. As Microsoft writes:
This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.
Maybe it’s time to upgrade to a newer version of Windows, if you can?
Updating your system is easy. Click on the Apple icon in the upper-left corner of your screen, select System Preferences, and click on the Software Update icon—it looks like a gear. Your system will start checking for updates automatically. If any are available, you’ll be able to start the process by clicking on the newly active “Update Now” button.
Setting up automatic updates and other options
This one shouldn’t be too difficult to figure out, either. If you want to make sure your Mac checks and preps updates in the background, make sure “Automatically keep my Mac up to date” is enabled. Click on the Advanced button, and you’ll be able to customize exactly what you want your Mac to do on your behalf. I recommend leaving all the options checked—why wouldn’t you want the latest updates for everything on your system?—but that’s just me.
Google’s Chrome OS
You should receive notifications for pending (or in-progress) updates for your apps and operating system in the lower-right corner of your Chromebook’s screen. You can also check for system updates yourself by clicking on this lower-right area and clicking on the smaller gear icon to pull up Chrome OS’ Settings.
Then, click on the hamburger icon in the upper-left corner of the window, and click on “About Chrome OS.” From there, click on the “Check for updates” button.
While Chrome OS doesn’t have any updates-related settings to tweak, you can get a little wild and enable Developer Mode to try beta versions of future Chrome OS versions. To walk on the Chrome OS wild side, simply click on “Detailed build information” on this same screen, and then look for the “Change channel” button. Click it, and you’ll be able to switch to either Beta or Developer channels. I recommend sticking with Beta, which is likely a bit more stable than the more regularly updated Developer builds.
Source of this (above) article: https://lifehacker.com/how-to-protect-your-pc-right-now-from-intels-latest-vul-1834779884