Intel Issues Updates to Protect Systems from Security Exploits

Page 1 of 13 12311 ... LastLast
    Intel Issues Updates to Protect Systems from Security Exploits

    Intel Issues Updates to Protect Systems from Security Exploits


    Last Updated: 05 Jan 2018 at 17:21
    Intel and Its Partners Have Made Significant Progress in Deploying Updates as Software Patches and Firmware Updates

    SANTA CLARA, Calif., Jan. 4, 2018 — Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from both exploits (referred to as “Spectre” and “Meltdown”) reported by Google Project Zero. Intel and its partners have made significant progress in deploying updates as both software patches and firmware updates.

    MORE: Intel Responds to Security Research Findings (Jan. 3, 2018) | Security Exploits and Intel Products (Press Kit) | Facts about The New Security Research Findings and Intel Products (Intel.com)

    Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years. In addition, many operating system vendors, public cloud service providers, device manufacturers and others have indicated that they have already updated their products and services.

    Intel continues to believe that the performance impact of these updates is highly workload-dependent and, for the average computer user, should not be significant and will be mitigated over time. While on some discrete workloads the performance impact from the software updates may initially be higher, additional post-deployment identification, testing and improvement of the software updates should mitigate that impact.

    System updates are made available by system manufacturers, operating system providers and others.

    Intel will continue to work with its partners and others to address these issues, and Intel appreciates their support and assistance. Intel encourages computer users worldwide to utilize the automatic update functions of their operating systems and other computer software to ensure their systems are up-to-date.

    For information and links to useful resources, visit the security research findings page on Intel.com.


    Source: https://newsroom.intel.com/news-rele...rity-exploits/

    Reference: Kernel memory leaking Intel processor design flaw - Windows 10 Forums

    See also: Download Intel-SA-00086 Detection Tool
    Brink's Avatar Posted By:

  1. Geneo's Avatar
    Posts : 1,076
    Windows 10 Pro x64 Retail 21H1
       #1

    what does this mean:

    "Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years."

    I haven't seen any updates by Intel (only Microsoft)
      My Computer


  2. Posts : 62
    Windows 10 Home /Windows 7 Home
       #2

    Geneo said:
    what does this mean:

    "Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years."

    I haven't seen any updates by Intel (only Microsoft)
    Could it be that those intel patches are included in the Cumulative Updates being pushed out by MS?

    So many unanswered questions and doubt here.

    I wonder how many AMD chips are affected, it seems like less of them might be. In a way I wish AMD was still independent of Intel, I'd love to see some real competition in the processor market.
      My Computer

  3. Scottyboy99's Avatar
    Posts : 2,262
    Windows 10 Pro (64 bit)
       #3

    I don’t like the references to ‘firmware’ updates. Software is all well and good but I suspect the updates from intel could relate to firmwares. Intel working with motherboard manufacturers would be a possible scenario. Am not particularly clued up but I believe microcode fixes to processors can sometimes be applied via BIOS revisions. Thus implying they expect people to start messing around with updating the motherboard BIOS. If this is a recommended step then I’d say 99.9% would not do this as people generally aren’t aware of this aspect and also it’s pretty risky. It really is the sort of thing you don’t want to mess with if everything’s working as it can screw up. I hope it’s not the case and that all we need to worry about is allowing windows update to do it’s job.
      My Computer

  4. Superfly's Avatar
    Posts : 3,352
       #4

    Yes, Intel supplies the OEM's with updates to the firmware so that MS updates can mitigate - did mine last night

    Announcing Windows 10 Insider Preview Fast+Skip Build 17063 for PC Insider - Page 58 - Windows 10 Forums
      My Computer

  5. Geneo's Avatar
    Posts : 1,076
    Windows 10 Pro x64 Retail 21H1
       #5

    Scottyboy99 said:
    I don’t like the references to ‘firmware’ updates. Software is all well and good but I suspect the updates from intel could relate to firmwares. Intel working with motherboard manufacturers would be a possible scenario. Am not particularly clued up but I believe microcode fixes to processors can sometimes be applied via BIOS revisions. Thus implying they expect people to start messing around with updating the motherboard BIOS. If this is a recommended step then I’d say 99.9% would not do this as people generally aren’t aware of this aspect and also it’s pretty risky. It really is the sort of thing you don’t want to mess with if everything’s working as it can screw up. I hope it’s not the case and that all we need to worry about is allowing windows update to do it’s job.
    Processor microcode can, and is, also updated by Windows Update. It gets loaded into the processor early in the boot stage, For something as important as these vulnerabilities, I am confident Microsoft/Intel would update it through Windows update.
      My Computer

  6. Steve C's Avatar
    Posts : 6,482
    Windows 10 Pro 64 bit
       #6

    I think we need clarity from official sources. Has the WU fix solved the problem or do we also need updates from the PC supplier or motherboard supplier. I might have a long wait in the latter case since I have a Gigabyte motherboard.
      My Computers

  7. Superfly's Avatar
    Posts : 3,352
       #7

    Steve C said:
    I think we need clarity from official sources. Has the WU fix solved the problem or do we also need updates from the PC supplier or motherboard supplier. I might have a long wait in the latter case since I have a Gigabyte motherboard.
    https://support.microsoft.com/en-gb/...erabilities-in


    It's a 3-prong approach...
    NB: WU cannot determine the model of the firmware to update thus must be done via the OEM's.

    Recommended actions

    Customers must take the following actions to help protect against the vulnerabilities.

    • Verify that you are running a supported antivirus application before you install OS or firmware updates. Contact the antivirus software vendor for compatibility information.
    • Apply all available Windows operating system updates, including the January 2018 Windows security updates.
    • Apply the applicable firmware update that is provided by the device manufacturer.




      My Computer

  8. Steve C's Avatar
    Posts : 6,482
    Windows 10 Pro 64 bit
       #8

    I ran the PowerShell commands in this post Windows Client Guidance against speculative execution vulnerabilities

    This gave the result below after the latest W10 update. It seems there is some way to go before we have full protection.

    Attachment 170960
      My Computers

  9. jimbo45's Avatar
    Posts : 10,716
    Windows / Linux : Arch Linux
       #9

    Hi there

    I suspect if ordinary users try applying BIOS updates there will be an awful lot of "Bricked" computers out there.
    I'm sure if this type of problem was in any way problematic to a significant number of individual users updates would have been released already.

    professional / serious hackers know about this stuff already and would surely have exploited it if worth doing. I don't see how companies the size of Intel could possibly keep this type of stuff under wraps -- companies of that size invariably have some "leakers" - inevitable.

    I'm not really sure whether this is essentially Fake News during a quiet period of the year, a sales pitch by some AV companies who must be feeling the pinch as Ms's own built in security improves or Intel to get people ready to go out and buy computers with brand new processors in them.

    In any case I don't have anything on my Windows machines that anybody would find either interesting or the slightest bit of use -- they certainly couldn't make any money out of it. !!! - I never use Windows for things like online banking or online shopping (e.g Amazon) - if I do then it's on Linux machines which are much better protected and never keep passwords on the machines in these "remember password" programs -- those types of programs should be OUTLAWED IMO - maybe convenient but a huge security flaw.

    If you MUST use those types of things ensure the password stuff is on a different machine on your network and NOT connected to the internet in any way and even on the network has limited access - you can create a small Virtual machine for this purpose, recover your password and then power off the VM. This VM in my case is on an external HDD (SSD actually) which is then removed after powering off the VM so a hacker wouldn't be able even to see it.

    I'll just wait and see what's next anyway and probably be quietly amused.

    Cheers
    jimbo
      My Computer


 
Page 1 of 13 12311 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 19:47.
Find Us




Windows 10 Forums