Spectre and Meltdown

Offical Websites : https://meltdownattack.com/

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

On the 9th of Jan Microsoft will release a new patch to fix the issue. The same patch can be downloaded manually, more info here:



There are several reports (Read this thread https://www.reddit.com/r/sysadmin/comments/7o39et/meltdown_spectre_megathread/?utm_content=title&utm_medium=hot&utm_source=reddit&utm_name=multi) of users saying that the patch will slow down any CPU by 1 to 20% after patch, and some AV will not like it at all.

Update *

VMware has also released an advisory with patch links:


Update **

MS Disables Windows Updates if AV is not Spectre/Meltdown compliant

Update ***

Fortinet released new Forticlient 5.6.4 and it is fully compatible with the latest Windows patch.

Keep in mind that the Forticlient is seen as AV client from the OS (because it has an AV engine).

This in case you are unable to patch a system, make sure Forticlient is on latest version.

Forticlient can be freely downloaded here www.forticlient.com