Windows Client Guidance against speculative execution vulnerabilities


  1. Posts : 19,209
    W11+W11 Developer Insider + Linux
       #430

    khanmein said:
    @CountMike Why is your "Disable Meltdown Protection" grayed out?
    It's an AMD system, no Meltdown for them.


  2. Posts : 19,209
    W11+W11 Developer Insider + Linux
       #431

    Hundreds Of Meltdown, Spectre Malware Samples Found In The Wild

    by Lucian Armasu February 1, 2018 at 8:30 AM - Source: Fortinet Blo



  3. Posts : 26,971
    Windows 10 (Pro and Insider Pro)
       #432

    CountMike said:
    Hundreds Of Meltdown, Spectre Malware Samples Found In The Wild

    by Lucian Armasu February 1, 2018 at 8:30 AM - Source: Fortinet Blo

    Thanks for the heads up @CountMike. This is not looking good.
    Can someone with more insight comment on this, regarding the systems that will never get new microcode for BIOS/EFI?
    A few simple questions:
    - does malware still have to be executed, either as a file or a memory process, or are we at risk simply by watching a video (i.e.)?
    - can systems be protected with system-level fixes (Windows, Linux, ...), if the hardware is kept safe (no physical contact possible)?


  4. Posts : 853
    Windows 10 Pro 21H1 build 19043.1706
       #433

    Pretty sure that any software fix can probably be unfixed. Probably looking at a long time for any microcode fix for older processors if ever, if they can even get one that works properly.
    All we can do is be more careful than usual what and where we are browsing and downloading from. The ones at risk are the ones who believe that just because they have whatever AV and anti malware, they are safe.


  5. Posts : 26,343
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #434

    By the way, if anyone is curious and wants to know their microcode revision, just run the validation in CPU-Z and it will show it here, when the validation is finished and your default browser opens:
    Windows Client Guidance against speculative execution vulnerabilities-image-001.png

    Or Aida64
    Windows Client Guidance against speculative execution vulnerabilities-image-002.png

    And lastly, without third party software:
    Open Regedit, and go to:
    (Left click three times fast to select all, then copy, and paste it in Regedit's address bar)
    Code:
    Computer\HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    Windows Client Guidance against speculative execution vulnerabilities-image-003.png


  6. qao
    Posts : 5
    10
       #435

    Aida64 is trial software.. easier to just use the best system info/monitor software out there that is also freeware HWiNFO - Download

    http://www.overclock.net/photopost/d...dmicrocode.png


  7. Posts : 26,343
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #436

    qao said:
    Aida64 is trial software.. easier to just use the best system info/monitor software out there that is also freeware HWiNFO - Download

    http://www.overclock.net/photopost/d...dmicrocode.png
    I have a licence

    But as I showed, Regedit does the job well enough; the other two (Aida64 and CPU-Z) were just to prove the point that you don't need extra software to do it with.


  8. Posts : 2,663
    Windows 11 21H2 (22000.593)
       #437

    AndreTen said:
    Thanks for the heads up @CountMike. This is not looking good.
    Can someone with more insight comment on this, regarding the systems that will never get new microcode for BIOS/EFI?
    A few simple questions:
    - does malware still have to be executed, either as a file or a memory process, or are we at risk simply by watching a video (i.e.)?
    - can systems be protected with system-level fixes (Windows, Linux, ...), if the hardware is kept safe (no physical contact possible)?
    Thus far, it is in an executable format, and thus will need to be run on your system. Also, again, I cannot stress this enough - it is able to access privileged sections of the CPU that normally are not accessible - by dumping area.

    So, it's not just a simple execute and BOOM! all your info is accessed - it has to continuously do so, because you're not always logging in to your financial accounts and such all the time.

    Right now, as far as I know, it is not easily put on a local machine, and you can bet that any anti-malware worth its salt already knows of the variants in the wild and is adding definitions to keep them from executing on your machine.

    Finally, we have no easy way to update microcode in Windows - but it is a snap to do so in Linux, as the link I've posted to the updated microcode from Intel (which they have released many times over the years) shows the exact location to insert the code in *nix systems to make use of it.

    SO, if you want to be safer, run *nix with updated microcode.

    If you want to be safest disconnect from the Internet and all local networks and never introduce a new external device to your machine ever again.

    And this is the only true way to ever be safe with any machine, even those completely patched for both Meltdown and Spectre. Just by going online, even with a fully patched machine, you're taking a chance, because 0-day malware that no one has had time to research, let alone develop a signature for so your anti-malware program can block it. If you connect to a network, or connect a device from the outside that has had any sort of network (even closed ones, technically), you're automatically at risk. Period.

    Cliff S said:
    By the way, if anyone is curious and wants to know their microcode revision, just run the validation in CPU-Z and it will show it here, when the validation is finished and your default browser opens:
    Windows Client Guidance against speculative execution vulnerabilities-image-001.png

    Or Aida64
    Windows Client Guidance against speculative execution vulnerabilities-image-002.png

    And lastly, without third party software:
    Open Regedit, and go to:
    (Left click three times fast to select all, then copy, and paste it in Regedit's address bar)
    Code:
    Computer\HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    Windows Client Guidance against speculative execution vulnerabilities-image-003.png
    PowerShell command to see the same:
    Code:
    reg query HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    See Supafly's post: Windows Client Guidance against speculative execution vulnerabilities - Page 42 - Windows 10 Forums
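
An added example, not part of any post in this thread: the registry check from the posts above scripted in PowerShell so that it decodes the microcode revision for every logical processor rather than dumping the raw key. The value names `Update Revision` and `Previous Update Revision` do not appear on the page; they, and the byte layout used to decode them, are assumptions based on what Intel systems typically expose under this key.

```powershell
# Added example (not from the thread). Reads the key quoted in the posts above
# for every logical processor instead of only ...\CentralProcessor\0.
$base = 'HKLM:\HARDWARE\DESCRIPTION\System\CentralProcessor'

function Convert-RevisionBytes {
    param($Bytes)
    # Assumption: REG_BINARY of 8 bytes with the revision in bytes 4..7
    # (little-endian). Anything else is reported as unknown ($null).
    if ($Bytes -isnot [byte[]] -or $Bytes.Length -lt 8) { return $null }
    '0x{0:X}' -f [BitConverter]::ToUInt32($Bytes, 4)
}

$report = Get-ChildItem -Path $base | ForEach-Object {
    $p = Get-ItemProperty -Path $_.PSPath
    [pscustomobject]@{
        Core       = [int]$_.PSChildName          # subkeys are named 0, 1, 2, ...
        CPU        = $p.ProcessorNameString
        Identifier = $p.Identifier                # family / model / stepping
        # Revision currently running on this logical processor
        Running    = Convert-RevisionBytes $p.'Update Revision'
        # Assumed to be the revision present before the OS applied its own update
        Previous   = Convert-RevisionBytes $p.'Previous Update Revision'
    }
}

$report | Sort-Object Core | Format-Table -AutoSize

# Every logical processor should run the same revision; flag it if not.
$distinct = @($report.Running | Where-Object { $_ } | Sort-Object -Unique)
if ($distinct.Count -gt 1) {
    Write-Warning "Logical processors report different revisions: $($distinct -join ', ')"
}
elseif ($distinct.Count -eq 0) {
    Write-Warning 'No decodable "Update Revision" value found under the key.'
}
```

Compare the `Running` value with the revision listed in the CPU vendor's microcode guidance for the `Identifier` shown to tell whether the updated microcode is actually loaded.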


  9. Posts : 26,343
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #438

    johngalt said:

    PowerShell command to see the same:
    Code:
    reg query HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    See Supafly's post: Windows Client Guidance against speculative execution vulnerabilities - Page 42 - Windows 10 Forums
    Good one, John! Damn these non-rep-able threads.
    But know now, a rep for you is in my heart


  10. Posts : 26,971
    Windows 10 (Pro and Insider Pro)
       #439

    johngalt said:
    Thus far, it is in an executable format, and thus will need to be run on your system. Also, again, I cannot stress this enough - it is able to access privileged sections of the CPU that normally are not accessible - by dumping area.

    So, it's not just a simple execute and BOOM! all your info is accessed - it has to continuously do so, because you're not always logging in to your financial accounts and such all the time.

    Right now, as far as I know, it is not easily put on a local machine, and you can bet that any anti-malware worth its salt already knows of the variants in the wild and is adding definitions to keep them from executing on your machine.

    Finally, we have no easy way to update microcode in Windows - but it is a snap to do so in Linux, as the link I've posted to the updated microcode from Intel (which they have released many times over the years) shows the exact location to insert the code in *nix systems to make use of it.

    SO, if you want to be safer, run *nix with updated microcode.

    If you want to be safest disconnect from the Internet and all local networks and never introduce a new external device to your machine ever again.

    And this is the only true way to ever be safe with any machine, even those completely patched for both Meltdown and Spectre. Just by going online, even with a fully patched machine, you're taking a chance, because 0-day malware that no one has had time to research, let alone develop a signature for so your anti-malware program can block it. If you connect to a network, or connect a device from the outside that has had any sort of network (even closed ones, technically), you're automatically at risk. Period.



    PowerShell command to see the same:
    Code:
    reg query HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    See Supafly's post: Windows Client Guidance against speculative execution vulnerabilities - Page 42 - Windows 10 Forums
    Thanks, this is what I needed. Was thinking of it this way...

    on rep!


 
