What’s affected

Macs, PCs and Servers. Just about everything. The jury is still out on the likelihood of phones being vulnerable. Here’s what you can do right now.

What Can it Do?

It can allow criminals to access private information on your computer.

You are only at risk if you visit a website or download software that has been designed to exploit this vulnerability. However, as web servers are also vulnerable, it must be assumed that the criminals are looking to exploit this by infecting servers — meaning that otherwise trusted sites may become infected.

So far I have seen no reports of exploits ‘in the wild’.

What to do: Browsers

Google Chrome

Type the following into the Chrome address bar:

chrome://flags/#enable-site-per-process

And click on enable.

The next release of Chrome will have this enabled by default.

Firefox

Install the latest version: Firefox 57.0.4

Explorer / Edge

Microsoft will be releasing patches soon.

What to do: Website Admins

Sites hosted on Amazon servers should be okay as according to reports the servers have already been hardened against this issue.

Other sites: Monitor what your hosting company is doing to address the issue. Ensure all your security software is up to date to minimize the ability of criminals to gain access to your website to infect it.