wrote:
What's the best protection against these ?

Penalty for any cybercrime should be death !

Do your Patch Tuesday, for Meltdown. Note that
Microsoft doesn't use Meltdown in the KB for the
patch, making it harder to identify.

Update Firefox to 57.0.4 for Javascript timing
attack protection. Patch Tuesday will patch IE
for you (Spectre), while for Firefox the initial
Spectre protection is a browser update.

Those are the two kinds of high-value updates at the moment.

*******

Some day. there may be a microcode update in your
future. Ars has an article you could have a look at.
Microsoft hasn't shipped Microcode on the 9th, but Linux did.

https://arstechnica.com/gadgets/2018...t-performance/

There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not. This one just
checks some Registry stuff.

https://support.microsoft.com/en-ca/...ngs-powershell

There are people working on tests that try to exploit
the holes, and that will be a better test than the
Speculation-control approach. The one mention of
such code I found, said it wasn't ready yet. I suspect
it's probably pretty close to ready now.

*******

Just two options at the moment, give the best (safest)
fix. That's Patch Tuesday, plus patch any non-MS browsers
you might be using. For Firefox, that's 57.0.4.

Paul