Canonical’s Dean Henrichsmeyer published today an update on the Ubuntu patches for the Meltdown and Spectre security vulnerabilities and what they plan on doing next to mitigate these critical bugs.
By now, most of you have probably updated your Ubuntu Linux computers to the new kernel versions Canonical released earlier this week, as well as the new Nvidia proprietary graphics driver and Firefox web browser, both including patches to mitigate the Meltdown and Spectre exploits affecting billions of devices powered by modern processors from Intel, AMD, and ARM.
Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 ESM (Precise Pangolin) – for Ubuntu Advantage customers – received new kernel versions, including for 64-bit (x86_64) installations, as well as Azure, Google Cloud Engine, and AWS systems, and HWE (Hardware Enablement) kernels.
In addition to these kernel and software updates, Canonical also released the recent Intel microcode firmware update for Intel processors to mitigate both variants of the Spectre security vulnerability, and it continues to work on yet another set of kernel updates for Ubuntu 17.10 and Ubuntu 16.04 LTS to further mitigate these chip flaws.
Ubuntu 17.10 users will release new kernels on January 15, 2018
Being the latest release of the operating system, Ubuntu 17.10 will be the first to get the new set of kernels early next week on Monday, January 15, 2018, but Canonical says that Ubuntu 16.04 LTS users should also receive the new kernel updates next week. While these will be available for 64-bit installations, but more architectures will get these patches soon.
“Kernel updates will begin with releasing v4.13 for Artful 17.10 on Monday, January 15, 2018, with 16.04 to follow shortly,” said Dean Henrichsmeyer, VP of Cloud Engineering, Ubuntu Foundations, Canonical. “In addition to releasing fixes for Spectre we will be expanding the Meltdown mitigation to other supported architectures.”
We recommend all users to keep their computers, and other devices they might own, up-to-date at all times. If you see an update, install it, especially if it’s a new kernel version, which is the core of the operating system you’re running. We’re not done with the Meltdown and Spectre vulnerabilities just yet, so you should expect more similar updates in the next few weeks as the Ubuntu Engineering team is committed to delivering fixes for these issues.