what does this mean:

"Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years."

I haven't seen any updates by Intel (only Microsoft)

Geneo said:

what does this mean:

"Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years."

I haven't seen any updates by Intel (only Microsoft)

Could it be that those intel patches are included in the Cumulative Updates being pushed out by MS?

So many unanswered questions and doubt here.

I wonder how many AMD chips are affected, it seems like less of them might be. In a way I wish AMD was still independent of Intel, I'd love to see some real competition in the processor market.

I don’t like the references to ‘firmware’ updates. Software is all well and good but I suspect the updates from intel could relate to firmwares. Intel working with motherboard manufacturers would be a possible scenario. Am not particularly clued up but I believe microcode fixes to processors can sometimes be applied via BIOS revisions. Thus implying they expect people to start messing around with updating the motherboard BIOS. If this is a recommended step then I’d say 99.9% would not do this as people generally aren’t aware of this aspect and also it’s pretty risky. It really is the sort of thing you don’t want to mess with if everything’s working as it can screw up. I hope it’s not the case and that all we need to worry about is allowing windows update to do it’s job.

Scottyboy99 said:

I don’t like the references to ‘firmware’ updates. Software is all well and good but I suspect the updates from intel could relate to firmwares. Intel working with motherboard manufacturers would be a possible scenario. Am not particularly clued up but I believe microcode fixes to processors can sometimes be applied via BIOS revisions. Thus implying they expect people to start messing around with updating the motherboard BIOS. If this is a recommended step then I’d say 99.9% would not do this as people generally aren’t aware of this aspect and also it’s pretty risky. It really is the sort of thing you don’t want to mess with if everything’s working as it can screw up. I hope it’s not the case and that all we need to worry about is allowing windows update to do it’s job.

Processor microcode can, and is, also updated by Windows Update. It gets loaded into the processor early in the boot stage, For something as important as these vulnerabilities, I am confident Microsoft/Intel would update it through Windows update.

I think we need clarity from official sources. Has the WU fix solved the problem or do we also need updates from the PC supplier or motherboard supplier. I might have a long wait in the latter case since I have a Gigabyte motherboard.

I ran the PowerShell commands in this post Windows Client Guidance against speculative execution vulnerabilities

This gave the result below after the latest W10 update. It seems there is some way to go before we have full protection.

Attachment 170960

Hi there

I suspect if ordinary users try applying BIOS updates there will be an awful lot of "Bricked" computers out there.
I'm sure if this type of problem was in any way problematic to a significant number of individual users updates would have been released already.

professional / serious hackers know about this stuff already and would surely have exploited it if worth doing. I don't see how companies the size of Intel could possibly keep this type of stuff under wraps -- companies of that size invariably have some "leakers" - inevitable.

I'm not really sure whether this is essentially Fake News during a quiet period of the year, a sales pitch by some AV companies who must be feeling the pinch as Ms's own built in security improves or Intel to get people ready to go out and buy computers with brand new processors in them.

In any case I don't have anything on my Windows machines that anybody would find either interesting or the slightest bit of use -- they certainly couldn't make any money out of it. !!! - I never use Windows for things like online banking or online shopping (e.g Amazon) - if I do then it's on Linux machines which are much better protected and never keep passwords on the machines in these "remember password" programs -- those types of programs should be OUTLAWED IMO - maybe convenient but a huge security flaw.

If you MUST use those types of things ensure the password stuff is on a different machine on your network and NOT connected to the internet in any way and even on the network has limited access - you can create a small Virtual machine for this purpose, recover your password and then power off the VM. This VM in my case is on an external HDD (SSD actually) which is then removed after powering off the VM so a hacker wouldn't be able even to see it.

I'll just wait and see what's next anyway and probably be quietly amused.

Cheers
jimbo