Device and platform manufacturers are releasing updates to supported products which will mitigate this issue. Ensure that the latest patches have been installed, and that you are not using unsupported devices as these will not be fixed.
The following section summarises responses from the major suppliers that we aware of.
The major cloud service providers are installing fixes on their own platforms. However, in a virtualised environment, fixes are required for both the hypervisor and guest virtual machines. Therefore, when using Infrastructure as a Service (IaaS), you will need to update the operating systems of any virtual machines and container base images that you manage. For Platform as a Service (PaaS) and Software as a Service (SaaS), your provider should install these patches for you. If in doubt, check that your service provider:
is aware of the issue and installing fixes
is providing advice for dealing with the issue
Operating systems and hypervisors need patches, as does the firmware of the physical machines you are running. The major equipment manufacturers (OEMs) are producing patches; you should obtain these directly from the OEM. Patches for Linux are also being produced and will be included by the most common distributions. These should be installed as soon as they are available.
End user devices
The major operating system vendors have produced patches which mitigate the issues, though some parts of the patches need to be installed via the equipment manufacturer (OEM) as they contain platform-specific elements. This means that it's not sufficient just to update the operating system - you will need to check that the underlying firmware is also up to date. Links are provided at the end of this page.
Applications and software
Software compilers need to be updated to protect applications from the Spectre vulnerabilities. Once compilers have been updated, applications will need to be recompiled to take advantage of these mitigations. As with operating systems, applications should be regularly updated to ensure the latest security fixes are applied.
Some CPU microprocessors are affected more than others. Check with your processor's manufacturer to find out the full impact of the vulnerabilities.
Intel and Linux have developed tools to detect and mitigate the Meltdown and Spectre vulnerabilities in Windows and Linux.
Detection and Mitigation Tool
Linux Detection and Mitigation Tools (Linux)