Windows 10: Windows Client Guidance against speculative execution vulnerabilities

Page 27 of 73

  1. Posts : 1,289
    W10 pro x64 and W8.1 x86
       19 Jan 2018 #260

    Many thanks for that. Probably one for tomorrow, and if it does all work I know it will be grim reading because it's an 11yr+ old laptop.

    You've been really helpful, I appreciate it, a pity there are no rep do-dahs on TUT's


  2. Posts : 1,534
    WinX Pro x64 IP current
       19 Jan 2018 #261

    IronZorg89 said:
    Like I mentioned in one of my previous posts, that was one of my biggest fears. By being hasty in providing a microcode fix for this issue (Spectre & Meltdown), that could end up doing more harm than good. This is an excerpt from @johngalt's article above:

    The bad news: Intel has previously warned that the microcode update it issued to provide some processor-based mitigation for some kinds of Spectre attack was causing machines with Haswell and Broadwell processors to reboot. It turns out that the problems are more widespread than previously reported: the chip company is now saying that Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake systems are affected, too.

    Unless my olfactory sense is deteriorating, I am starting to "smell a rat" about the whole shebang. This problem with all processors has been around for more than 23 years, how come it has suddenly blown out of proportion just now? Some articles about Spectre & Meltdown are even already talking about buying a new PC. I don't have the wherewithal to buy a new PC every 2-3 years. The one I am using right now was bought brand new in June 2015.
    Here is the thing.

    The combustion engine was developed in the late 1800s as an alternative to steam engines. We used (and continue to use) them for quite a long time, only to find out (much later) that combustion of hydrocarbons is dangerous in many ways, both to human health as well as the environment. Part of the reason why this wasn't discovered sooner is that we didn't have the equipment to test for the problems, part was that we didn't think it would cause such a problem, and part was that we had no previous empirical data to look at to show any sort of cause and effect relation for the combustion.

    This is an analogous situation to these CPU vulnerabilities. The CPUs were developed with certain capabilities in mind, and the capabilities worked as advertised. 23 years is a short time to discover the very novel ways that these capabilities were taken advantage of, and there was no empirical data from any previous release of CPUs that these vulnerabilities could exist. We certainly didn't have the equipment 23 years ago to test for these vulnerabilities, and no one had bothered considering that these vulnerabilities may even exist.

    Remember, they were first *theorized* in 2016....


  3. Posts : 30,611
    64-bit Windows 10 Pro build 17713
    Thread Starter
       19 Jan 2018 #262

    First post updated to add a download PowerShell module option to verify with if needed.


  4. Posts : 13,048
    Windows 10 (Pro and Insider Pro)
       19 Jan 2018 #263

    johngalt said:
    Here is the thing.

    The combustion engine was developed in the late 1800s as an alternative to steam engines. We used (and continue to use) them for quite a long time, only to find out (much later) that combustion of hydrocarbons is dangerous in many ways, both to human health as well as the environment. Part of the reason why this wasn't discovered sooner is that we didn't have the equipment to test for the problems, part was that we didn't think it would cause such a problem, and part was that we had no previous empirical data to look at to show any sort of cause and effect relation for the combustion.

    This is an analogous situation to these CPU vulnerabilities. The CPUs were developed with certain capabilities in mind, and the capabilities worked as advertised. 23 years is a short time to discover the very novel ways that these capabilities were taken advantage of, and there was no empirical data from any previous release of CPUs that these vulnerabilities could exist. We certainly didn't have the equipment 23 years ago to test for these vulnerabilities, and no one had bothered considering that these vulnerabilities may even exist.

    Remember, they were first *theorized* in 2016....
    @johngalt very nice analogy :)


  5. Posts : 1,534
    WinX Pro x64 IP current
       19 Jan 2018 #264

    AndreTen said:
    @johngalt very nice analogy :)
    Thanks

  6.    19 Jan 2018 #265

    johngalt said:
    Here is the thing.

    The combustion engine was developed in the late 1800s as an alternative to steam engines. We used (and continue to use) them for quite a long time, only to find out (much later) that combustion of hydrocarbons is dangerous in many ways, both to human health as well as the environment. Part of the reason why this wasn't discovered sooner is that we didn't have the equipment to test for the problems, part was that we didn't think it would cause such a problem, and part was that we had no previous empirical data to look at to show any sort of cause and effect relation for the combustion.

    This is an analogous situation to these CPU vulnerabilities. The CPUs were developed with certain capabilities in mind, and the capabilities worked as advertised. 23 years is a short time to discover the very novel ways that these capabilities were taken advantage of, and there was no empirical data from any previous release of CPUs that these vulnerabilities could exist. We certainly didn't have the equipment 23 years ago to test for these vulnerabilities, and no one had bothered considering that these vulnerabilities may even exist.

    Remember, they were first *theorized* in 2016....
    Very understandable analogy, but contrary to what @larc919 has mentioned in his post # 246 (I'm not convinced it's a good idea to announce existence of a major widespread PC problem before there's a workable fix for it.), there is no fix yet for Spectre on my PC and I am still vulnerable.

    [Image: Spectre Meltdown CPU Checker- Result.png]

    HP has not yet released a BIOS/UEFI firmware update, as far as I know, to make me feel secure. It's a fact that fixing a problem at the architectural level of a processor is not easy. I am not tech-savvy enough to know or understand what goes under the hood, but sometimes I get really suspicious when, in some articles, they are talking about the prospect of buying a new PC with the upcoming flawless CPU in order to be totally safe from these vulnerabilities (Speculative Execution Sidetrack Attacks). So my point is two-fold:

    1) The word is out there already and I am not yet protected and as we all know the fix is going to be a palliative, for it will have some performance hit on some processors, more so on the older ones.

    2) I am not willing and ready yet to buy a new PC in the foreseeable future.

    Thanks for chiming in and no hard feeling. Really appreciate your post :)


  7. Posts : 1,534
    WinX Pro x64 IP current
       19 Jan 2018 #266

    IronZorg89 said:
    Very understandable analogy, but contrary to what @larc919 has mentioned in his post # 246 (I'm not convinced it's a good idea to announce existence of a major widespread PC problem before there's a workable fix for it.), there is no fix yet for Spectre on my PC and I am still vulnerable.

    [Image: Spectre Meltdown CPU Checker- Result.png]

    HP has not yet released a BIOS/UEFI firmware update, as far as I know, to make me feel secure. It's a fact that fixing a problem at the architectural level of a processor is not easy. I am not tech-savvy enough to know or understand what goes under the hood, but sometimes I get really suspicious when, in some articles, they are talking about the prospect of buying a new PC with the upcoming flawless CPU in order to be totally safe from these vulnerabilities (Speculative Execution Sidetrack Attacks). So my point is two-fold:

    1) The word is out there already and I am not yet protected and as we all know the fix is going to be a palliative, for it will have some performance hit on some processors, more so on the older ones.

    2) I am not willing and ready yet to buy a new PC in the foreseeable future.

    Thanks for chiming in and no hard feeling. Really appreciate your post :)
    If it makes you feel better:

    My CPU is officially 10 years old (original generation Core i7 965 EE).

    My motherboard is officially 8 (eVGA X58 Classified 3)

    The last BIOS released for my motherboard was in 2011.

    eVGA tech LeeM has stated on the eVGA forums that the status for a BIOS upgrade for my family of machines, among other 'legacy' boards, is as follows: these boards will only get a BIOS upgrade if Intel releases source code for the BIOS to them. Not the CPU microcode patch, but the entire BIOS.

    Which means that they cannot just take an old BIOS and replace the microcode with the new one and release it.

    As for not releasing the vulnerability to the public when they found out about it, I have already stated and will continue to state that it is ADMIRABLE of Intel to get to work on finding fixes for the vulnerabilities, as much as possible, as soon as possible, working with the OS vendors to get this taken care of before it became public knowledge.

    It would be stupid for them to release the vulnerability that NO ONE KNEW ABOUT to the public with no fix.

    Unfortunately, there is still no fix for one variant of Spectre, for ANYONE. And that is the real danger here now.


  8. Posts : 392
    Windows 10 preview 64-bit Pro
       19 Jan 2018 #267

    I've a few old laptops that are virtually susceptible to Spectre. As for a two year old HP laptop not showing for a UEFI/bios upgrade in their list is disappointing to say the least. Always bought HP for myself so this wasn't expected. Posted a query on their forums yesterday and the silence is deafening. When I queried for the Intel firmware update I had a reply almost instantly.

  9.    19 Jan 2018 #268

    johngalt said:
    It would be stupid for them to release the vulnerability that NO ONE KNEW ABOUT to the public with no fix.

    Unfortunately, there is still no fix for one variant of Spectre, for ANYONE. And that is the real danger here now.
    That's my whole point. The vulnerabilities from Spectre & Meltdown are known by the bad guys (hackers) out there and I am still not completely covered. Unfortunately, there is nothing either you, me or anyone else can do while waiting for a firmware patch.

  10.    19 Jan 2018 #269

    IronZorg89 said:
    Unfortunately, there is nothing either you, me or anyone else can do while waiting for a firmware patch.
    Isn't there? What if you run as a standard user? Would that help or not?

    Doesn't the malware required need authority to run or does any user (including limited ones) have access to see what the butler is doing in the wine cellar (to use the feeble analogy apparently used by every single newspaper on the planet)?


 