Windows Client Guidance against speculative execution vulnerabilities

Page 18 of 75 FirstFirst ... 816171819202868 ... LastLast
  1.    11 Jan 2018 #170

    they are not the same bug people are confusing them thats why i was confused the other guy wanted the info from my stuff, as i told him that intel me has nothing to do with meltdown and speculation
      My ComputerSystem Spec

  2. axe0's Avatar
    Posts : 13,780
    Windows 10 Pro
       11 Jan 2018 #171

    storageman said: View Post
    I'm a bit confused by my system. The Intel app states I'm GOLDEN, but the Powershell script says I'm NOT GOLDEN ????

    Attachment 172027

    Anybody have any Ideas ?
    See my earlier post
    Windows Client Guidance against speculative execution vulnerabilities - Windows 10 Forums

    You're secured for meltdown.
    You're partly secured for spectre, the other part comes from firmware updates from your vendor.
      My ComputersSystem Spec

  3.   My ComputersSystem Spec

  4.    12 Jan 2018 #173

    Just found about this on a simulator forum and tried it! Got to admit that makes it simple enough for most to understand.
      My ComputersSystem Spec

  5. Posts : 213
    Microsoft Windows 10 x64
       12 Jan 2018 #174

    My Experience Below on ASUS Z170 PRO GAMING with Intel i5 6600K

    -= Before =-

    -= After looking on ASUS web site =-

    -= End Result =-

    Infos & Tools
      My ComputerSystem Spec

  6.    12 Jan 2018 #175

    Here's a small recap with my own additions from Google's Project Zero site:Project Zero

    Spectre / Variant 1: bounds check bypass (CVE-2017-5753) Win Update (Program/OS/System No Slowdown)
    Mitigation requires analysis and recompilation so that vulnerable binary code is not emitted. Examples of targets which may require patching include the operating system and applications which execute untrusted code.

    Spectre / Variant 2: branch target injection (CVE-2017-5715) Bios Update
    Mitigating this attack variant requires either installing and enabling a CPU microcode update from the CPU vendor (e.g., Intel's IBRS microcode), or applying a software mitigation (e.g., Google's Retpoline) to the hypervisor, operating system kernel, system programs and libraries, and user applications.

    Meltdown / Variant 3: rogue data cache load (CVE-2017-5754) Win Update
    Mitigating this attack variant requires patching the operating system. For Linux, the patchset that mitigates Variant 3 is called Kernel Page Table Isolation (KPTI). Other operating systems/providers should implement similar mitigations.

    And the Microsoft's own seems to get updated as well with easy explanations.

    Best tools for checking your status is the Powershell script and this SpecuCheck program by Alex Ionescu.

    Releases · ionescu007/SpecuCheck · GitHub

    The above 1.05 version shows the correct info on my x64 windows.

    Here's what a current fully Spectre and Meltdown patched (windows+bios) system should look like:
    Attached Thumbnails Attached Thumbnails SpecuCheck_5.png   powershell works.png  
      My ComputerSystem Spec

  7.    12 Jan 2018 #176


    Possibly more confusion or just posting in the wrong thread?.

    You have only fixed the Intel Management Engine flaw which has got nothing to do with the Meltdown Spectre flaw, different problem, different thread see here from November 2017 Flaws found in Intel Management Engine (ME), TXE and SPS - Windows 10 Forums

    Z170 boards have not had a BIOS update for Spectre yet so can not yet be fixed. When it appears it will be a full Bios update with a 2018 date. Z170-Pro requires Bios 7303, until you get that you are not fixed.

    Asus have a list of the New Bioses but they have not all been tested and released yet, it will take time. Already linked in one of the threads but See Asus Bios list here ASUS Global

    Perhaps a mod can separate the posts referring to the wrong fix out of the relevant threads as it may be confusing people into using the wrong checker and fix thinking they are problem free when they are not.
      My ComputersSystem Spec

  8. johngalt's Avatar
    Posts : 1,534
    WinX Pro x64 IP current
       12 Jan 2018 #177


    Going further, if you visit this page, you get all the info about Intel SA-00086: Intel® Management Engine Critical Firmware Update (Intel-SA-00086)

    If you read to the bottom, you'll see this:

    Q: What types of access would an attacker need to exploit the identified vulnerabilities?
    A: If the equipment manufacturer enables Intel-recommended Flash Descriptor write protections, an attacker needs physical access to platforms firmware flash to exploit vulnerabilities identified in:

    Now, if you read the post above by clam, or else go to this link Meltdown and Spectre: What you need to know (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) you'll see this as the title:

    Meltdown and Spectre: What you need to know (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
    Those are not the same CVE numbers - IOW, SA-00086 has nothing to do with Meltdown or Spectre.

    Anyone who tells you differently is lying or else does not know what [s]he is talking about at all.
      My ComputersSystem Spec

  9. Posts : 7,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       12 Jan 2018 #178

    Thanks for that, Mike. Mine failed as well. I see you have one ASUS board with an AMD chip. Same here. I see AMD their article on their site yesterday stating they are working to help to write microcode updates for Ryzen and EPYC processors. I'm concerned whether or not I'll get an updated BIOS to fix the Spectre vulnerability.

    Attachment 172220
      My ComputersSystem Spec

  10. Posts : 213
    Microsoft Windows 10 x64
       12 Jan 2018 #179

    @clam1952 @johngalt thanks for clarification of my mistake
    I was to fast, I will take time to read and understand

    may be someone can move my post to the right thread
      My ComputerSystem Spec

Page 18 of 75 FirstFirst ... 816171819202868 ... LastLast

Related Threads
The PowerShell script execution policies enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer. Windows PowerShell has four different execution policies: Execution Policy Description ...
Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
Source: Google Online Security Blog: Disclosing vulnerabilities to protect users
Windows 10 - Need some guidance on recovery in Installation and Upgrade
One of my spare Windows 10 machines is on life support. I must have clobbered it somehow when I was tweaking the multiple display settings ( to incorporate a HDMI projector). It actually worked fine all week, but today, when I tired to set it...
Read more:
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 04:45.
Find Us