How to install Intel Processor Patch for Meltdown and Spectre in Ubuntu Linux. USN-3531-1: Intel Microcode update; Information Leak via speculative execution side channel attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 aka Spectre and Meltdown)
It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715) This update provides the microcode updates required for the corresponding Linux kernel updates.
Install Update
Run the following commands to install Intel Processor Patch for Meltdown & Spectre in Ubuntu Linux:
sudo apt-get update
sudo cp -r ~/Downloads/microcode-*/intel-ucode /lib/firmware/
sudo -i && echo 1 > /sys/devices/system/cpu/microcode/reload
sudo restart
- Ubuntu 17.10:
- intel-microcode 3.20180108.0~ubuntu17.10.1
- Ubuntu 17.04:
- intel-microcode 3.20180108.0~ubuntu17.04.1
- Ubuntu 16.04 LTS:
- intel-microcode 3.20180108.0~ubuntu16.04.2
- Ubuntu 14.04 LTS:
- intel-microcode 3.20180108.0~ubuntu14.04.2
Updating
By default, users are notified daily for security updates and weekly for non-security updates. How Ubuntu alerts you as well as configuring your system to install updates automatically can be setup within Update Manager. You can access Update Manager anytime by pressing ‘Alt+F2’, entering update manager pressing Enter. Its settings can be adjusted by pressing the ‘Settings’ button.
Once Update Manager is open, you can review and select pending updates as well as check for new updates. Simply press the ‘Install Updates’ button to upgrade the selected packages to the updated version.