Windows Client Guidance against speculative execution vulnerabilities

Page 23 of 75 FirstFirst ... 1321222324253373 ... LastLast
  1.    15 Jan 2018 #220

    fdegrove said: View Post
    Hi,

    Yes but it then should also be available from the OEM website either as a bios/efi flash or as an Intel ME flash IMHO.

    I just checked with my OEM and flashes for cpu microcode will be available for three of my machines starting from cw 05. Good to know.



    MS has already done what it is supposed to do. That part is safe now. But it's the hardware that still requires patching for the majority of us endusers.
    Cheers,
    That explains why I have a mixed result after running the Spectre Meltdown CPU checker (my post #216). I am green (check) for Meltdown and red (check) for Spectre. As we all know, the latter is more concerned with all Intel CPUs while Meltdown goes for the others. So far, HP doesn't seem to be in a hurry to release a BIOS/UEFI firmware update. At least, in your case, you have some information about when you will probably receive a fix from your OEM. That is not the case for HP support site, unless I don't know where to look..

    "MS has already done what it is supposed to do. That part is safe now. But it's the hardware that still requires patching for the majority of us endusers"

    It's a fact that MS has already done its part. That's the point, if the OEM of one's PC hasn't released any update with respect to that issue, the next MS's Security update might not be able to install as we are witnessing with the last out-of-band patch KB4056892. Some users are still having difficulty in installing this update.
    :)
      My ComputerSystem Spec

  2.    15 Jan 2018 #221

    Hi,

    As we all know, the latter is more concerned with all Intel CPUs while Meltdown goes for the others.
    Not quite @IronZorg89. Both affect most CPU manufacturers and OS's.

    Meltdown got its name because it "melts" security boundaries normally enforced by hardware. By exploiting Meltdown, an attacker can use a program running on a machine to gain access to data from all over that machine that the program shouldn't normally be able to see, including data belonging to other programs and data that only administrators should have access to. Meltdown doesn't require too much knowledge of how the program the attacker hijacks works, but it only works with specific kinds of Intel chips. This is a pretty severe problem but fixes are being rolled out.
    By exploiting the Spectre variants, an attacker can make a program reveal some of its own data that should have been kept secret. It requires more intimate knowledge of the victim program's inner workings, and doesn't allow access to other programs' data, but will also work on just about any computer chip out there. Spectre's name comes from speculative execution but also derives from the fact that it will be much trickier to stop — while patches are starting to become available, other attacks in the same family will no doubt be discovered. That's the other reason for the name: Spectre will be haunting us for some time.
    Source CSO :

    https://www.csoonline.com/article/32...s-at-risk.html

    That is not the case for HP support site, unless I don't know where to look..
    HP being an Intel partner just like Fujitsu I think they have publicized a schedule of the planned releases and the affected products.
    Mind you, I had to search for it as well. I think your best start is Intel's website where they discuss Spectre and Meltdown and cite a list of their partners with links to the respective website pages.

    I'll see if I can find something useful for you and our other HP users.

    Cheers,
      My ComputersSystem Spec

  3.    15 Jan 2018 #222

    tried to call MSI today they appear to be closed for the holiday , since when does a business close for MLK day thats a new one, i new schools and stuff closed but all my local business are open.
      My ComputerSystem Spec

  4.   My ComputersSystem Spec

  5.    15 Jan 2018 #224

    Thanks so much for all the help and information you are providing. I am a bit sorry for my ignorance on certain aspects of the issue at hand. When I look at it, in my case, I only need a BIOS/UEFI update from HP and so far I don't think they have released one yet. I am going to do a more in-depth review of all your references (above) and post back later on..
    Thanks again! :)
    Last edited by IronZorg89; 15 Jan 2018 at 16:15.
      My ComputerSystem Spec

  6.    15 Jan 2018 #225

    Hi,

    You're most welcome.

    When I look at it, in my case, I only need a BIOS/UEFI update from HP and so far I don't think they have released one yet.
    That's correct from what I've seen from the screenshots you posted earlier on. We're both in the same boat here.

    Cheers,
      My ComputersSystem Spec

  7. dencal's Avatar
    Posts : 2,844
    W10 Pro + W10 Preview
       15 Jan 2018 #226

    Cliff S said: View Post
    @dencal try running the SA 00086 tool in safe mode.
    Surface Pro comes with BitLocker encryption enabled by default....so am protected.

    To gain access to safe mode I would need to disable Bitlocker.
    This is simple to do without a key, although it takes a while....access to computer can only be through Windows Hello.

    The problem is when I wish to re-enable Bitlocker.....Would then need to create a key, and safeguard it, if lost would end up with a brick....at my age forgetfulness is commonplace.
    Attached Thumbnails Attached Thumbnails encript.JPG  
      My ComputersSystem Spec

  8. Cliff S's Avatar
    Posts : 21,941
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       15 Jan 2018 #227

    dencal said: View Post
    Surface Pro comes with BitLocker encryption enabled by default....so am protected.

    To gain access to safe mode I would need to disable Bitlocker.
    This is simple to do without a key, although it takes a while....access to computer can only be through Windows Hello.

    The problem is when I wish to re-enable Bitlocker.....Would then need to create a key, and safeguard it, if lost would end up with a brick....at my age forgetfulness is commonplace.
    An alternative would be, restart Windows, so the fast startup is no used, then as soon as you get to the desktop, before all background services, and 3rd party software is loaded, use the SA86 checker.
      My ComputersSystem Spec

  9.    16 Jan 2018 #228

    If anyone is having trouble running the Powershell script here's one more alternative (requires .NET 4.5).
    If ran as administrator it also allows you to disable the windows patches.

    Utility for mitigations CVE-2017-5715 and CVE-2017-5754 status check | guru3D Forums



    @dencal

    According Microsoft your Surface Pro isn't affected by the Management Engine

    Intel Management Engine Vulnerability and Surface Devices Surface

    ..yet they released firmware update January 10. Have you installed it?

    https://support.microsoft.com/en-us/...update-history
      My ComputerSystem Spec

  10.    16 Jan 2018 #229

    As promised, I took a good look at your references and some of the notions about Spectre & Meltdown I already Knew. All in all, I have a better understanding of what is involved about those vulnerabilities. As mentioned in my post #225, there is not much I can do other than wait for a BIOS update or a firmware patch from HP.
    Thanks again.
    Last edited by IronZorg89; 16 Jan 2018 at 15:47.
      My ComputerSystem Spec


 
Page 23 of 75 FirstFirst ... 1321222324253373 ... LastLast

Related Threads
The PowerShell script execution policies enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer. Windows PowerShell has four different execution policies: Execution Policy Description ...
Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
Source: Google Online Security Blog: Disclosing vulnerabilities to protect users
Windows 10 - Need some guidance on recovery in Installation and Upgrade
One of my spare Windows 10 machines is on life support. I must have clobbered it somehow when I was tweaking the multiple display settings ( to incorporate a HDMI projector). It actually worked fine all week, but today, when I tired to set it...
Read more: http://www.zdnet.com/article/microsoft-offers-it-guidance-to-prepare-for-windows-as-a-service/
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 18:06.
Find Us