Details have emerged on two major processor security flaws this week, and the industry is scrambling to issue fixes and secure machines for customers. Dubbed "Meltdown" and "Spectre," the flaws affect nearly every device made in the past 20 years. The Meltdown flaw only affects Intel processors, and researchers have already released proof of concept code that could lead to attacks using Meltdown.
Protecting a Windows PC is complicated
Protecting a Windows PC is complicated right now, and there's still a lot of unknowns. Microsoft, Google, and Mozilla are all issuing patches for their browsers as a first line of defence. Firefox 57 (the latest) includes a fix, as do the latest versions of Internet Explorer and Edge for Windows 10. Google says it will roll out a fix with Chrome 64 which is due to be released on January 23rd. Apple has not commented on how it plans to fix its Safari browser or even macOS. Chrome, Edge, and Firefox users on Windows won't really need to do much apart from accept the automatic updates to ensure they're protected at the basic browser level.
For Windows itself, this is where things get messy. Microsoft has issued an emergency security patch through Windows Update, but if you're running third-party anti-virus software then it's possible you won't see that patch yet. Security researchers are attempting to compile a list of anti-virus software that's supported, but it's a bit of mess to say the least.