Although most news initially reported this flaw as present in an Intel processor, it is now known to affect other processors like AMD and ARM as well. That means all devices using these processors like PCs, MacBooks, servers, Android and iOS devices are affected.
What are the Spectre and Meltdown security flaws?
These are security holes introduced by two different optimization techniques used by the processors namely: Speculative Execution and Out-of-order execution.
The technique used to exploit Speculative Execution is called Spectre and has two variations. One that takes advantage of the bounds checks bypass and the other that exploits the capability to do branch target injection by altering the branch target buffer to execute the rogue process.
The technique use to exploit the out-of-order execution performance feature is called Meltdown. This enables a rogue process to read memory of another process or virtual machine in the cloud without permission or privileges.
How to protect yourselves?
Most of the tech industry giants have responded quick. Google in particular developed a mitigation technique to protect against Spectre and shared it with other partners.
The Android 2018-01-05 Security Patch Level(SPL) includes mitigations reducing access to high precision timers that limit attacks on all known variants on ARM processors. These changes were released to Android partners in December 2017
OS versions prior to 63 are not patched. Chrome OS systems started receiving version 63 on 12/15/2017.
Go to the Google FAQ for steps to take on Google cloud and other Google products.
Microsoft Windows 10
Microsoft has put out an update(KB4056892) to mitigate this for Windows 10 that is available here.
Apple Devices: MacBook, iPhone, iPad, Apple TV
Firefox 57.0.4 released on Jan 4, 2018 includes the two mitigations
Microsoft Edge: Microsoft has released an update to Windows Client to fix the vulnerability on Edge(KB4056890). Check details.
Chrome 64, due to be released on January 23, will contain mitigations to protect against exploitation.
Safari Apple has released new security updates aimed at protecting Safari and WebKit from the Spectre attack. Check details here.
Amazon Web Services(AWS) team put out a security bulletin on Jan 03, 2018 with instructions for customers to follow on protecting their servers against the vulnerability.