Windows Client Guidance against speculative execution vulnerabilities

Page 6 of 75 FirstFirst ... 456781656 ... LastLast

  1. Posts : 5,833
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       #50

    Superfly said:
    Hmmm.. that one does need some updating...seems all it has is the Win update fix.... firmware is non-compliant..
    That was on my FCU partition. Below is my IP 17063 partition, which, of course, is the same BIOS, but they say we Insiders are running the latest security fixes? What a crock!

    Absolutely nothing on the Asus site about this issue. Not in support or news. Zilch. I have this sinking feeling I won't be able to update this tower, nor my laptop BIOS. Probably at least half of us here will own boat anchors soon unless we get updates. If not, then these bass turd corporations will turn around and sell us more junk. Money sucking educated idiots, every one of them.

    Gates had better step in on this issue to do something about it.


    Attachment 171104
      My Computers


  2. Posts : 3,446
       #51

    HippsieGypsie said:
    That was on my FCU partition. Below is my IP 17063 partition, which, of course, is the same BIOS, but they say we Insiders are running the latest security fixes? What a crock!

    Absolutely nothing on the Asus site about this issue. Not in support or news. Zilch. I have this sinking feeling I won't be able to update this tower, nor my laptop BIOS. Probably at least half of us here will own boat anchors soon unless we get updates. If not, then these bass turd corporations will turn around and sell us more junk. Money sucking educated idiots, every one of them.

    Gates had better step in on this issue to do something about it.
    Attachment 171104


    My posts are getting deleted at a rapid rate...so read quickly...

    But totally agree... what goes around comes around...

    ...my last post here.
      My Computer


  3. Posts : 591
    Windows 10 Pro 64bit; Windows 10 TP; KDE Neon
       #52

    @Brink, can you please add the PowerShell command to restore things the way they were, before all this?

    Is this the appropriate command?

    Set-ExecutionPolicy Restricted -Scope Process -Force


    Thank you.
      My Computers


  4. Posts : 26,337
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #53

    Joanne said:
    @Brink, can you please add the PowerShell command to restore things the way they were, before all this?

    Is this the appropriate command?

    Set-ExecutionPolicy Restricted -Scope Process -Force


    Thank you.
    Using the Set-ExecutionPolicy Cmdlet
    Changing the Windows PowerShell Script Execution Policy
    The Set-ExecutionPolicy cmdlet enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer. Windows PowerShell has four different execution policies:

    Restricted - No scripts can be run. Windows PowerShell can be used only in interactive mode.
    AllSigned - Only scripts signed by a trusted publisher can be run.
    RemoteSigned - Downloaded scripts must be signed by a trusted publisher before they can be run.
    Unrestricted - No restrictions; all Windows PowerShell scripts can be run.

    To assign a particular policy simply call Set-ExecutionPolicy followed by the appropriate policy name. For example, this command sets the execution policy to RemoteSigned:
    Code:
    Set-ExecutionPolicy RemoteSigned
    Using the Set-ExecutionPolicy Cmdlet
      My Computers


  5. Posts : 591
    Windows 10 Pro 64bit; Windows 10 TP; KDE Neon
       #54

    Eh... Okay, thank you... but... no time + not quite in the mood right now to try this new thing I meet, first time in my life, so... which command exactly returns the system the way it was before all this? And does the "-Scope Process -Force" part of the initial commands play any role?

    Like, IF I will give "Set-ExecutionPolicy RemoteSigned" will it get applied OR will PowerShell complain due to the Scope Process Force?

    @Brink, hello, please?
      My Computers


  6. VBF
    Posts : 593
    Win 10 Pro
       #55

    Joanne said:
    Eh... Okay, thank you... but... no time + not quite in the mood right now to try this new thing I meet, first time in my life, so... which command exactly returns the system the way it was before all this? And does the "-Scope Process -Force" part of the initial commands play any role?

    Like, IF I will give "Set-ExecutionPolicy RemoteSigned" will it get applied OR will PowerShell complain due to the Scope Process Force?

    @Brink, hello, please?
    This PowerShell and the execution policies explained | JeffOps appears to explain the
    -Scope” parameter and to my mind if we use the Process switch it will only alter the current process, so closing Powershell will cancel any changes.
    I too would like confirmation of that.....

    EDIT:
    If you run all 3 steps in the OP of this thread, THEN close and Reopen Powershell, THEN ONLY run
    Get-SpeculationControlSettings
    WITHOUT running the previous 2 steps, it fails to run.
    Run all 3 steps again and it works as illustrated so it looks like it does just affect the current process as i said above.

    Actually, reading the first post it does say "
    Temporarily set PowerShell script execution policy"
    And if you type Get-ExecutionPolicy when you first open Powershell it's Restricted
    Run the first command "Set-ExecutionPolicy Unrestricted -Scope Process -Force" it goes to Unrestricted
    Close and reopen Powershell and it's Restricted again
      My Computers


  7. Posts : 591
    Windows 10 Pro 64bit; Windows 10 TP; KDE Neon
       #56

    Okay, thank you, now I understand it is temporarily. It is OK now.


    Windows Client Guidance against speculative execution vulnerabilities-okok.png
      My Computers


  8. Posts : 1,871
    W10 pro x64 20H2 Build 19042.610
       #57

    My understanding so far in all this is that the Windows Updates are only a tiny part of the puzzle and its solution, and that it will be future firmware updates that complete the fix... and I also assume that is the point we will see any performance impacts.

    Is that a correct assumption ?

    I looked at Dell and see they now have a dedicated page to this:

    Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell products | Dell US


    I also see that as yet my Vostro 3750 doesn't make the list (maybe considered to old at 6 yrs).

    Also, if a firmware update is the last piece of the puzzle then is it also correct to say that such an update can only be applied manually via a user searching the details out, or a user running a PC that is linked to and automatically supported by a manufacturer ?

    I see that as a major issue where things can and will go wrong for some.
      My Computer


  9. Posts : 725
    Windows 10 64-bits
       #58

    Mooly said:
    My understanding so far in all this is that the Windows Updates are only a tiny part of the puzzle and its solution, and that it will be future firmware updates that complete the fix... and I also assume that is the point we will see any performance impacts.

    Is that a correct assumption ?

    I looked at Dell and see they now have a dedicated page to this:

    Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell products | Dell US


    I also see that as yet my Vostro 3750 doesn't make the list (maybe considered to old at 6 yrs).

    Also, if a firmware update is the last piece of the puzzle then is it also correct to say that such an update can only be applied manually via a user searching the details out, or a user running a PC that is linked to and automatically supported by a manufacturer ?

    I see that as a major issue where things can and will go wrong for some.
    Seemingly, there will be lot of system that will not receive BIOS/EUFI updates. Most hardware, including the CPU, have a three years warranty. And of course, it is a limited warranty...

    The chances are that hardware, where the warranty period expired, the updates will be scarce. OEMs, manufacturers, etc., would love to see you purchase a new system in this stagnating computer market. Even if purchasing a new system will not result in much of a performance increase over the existing one. Especially, if the new system does not have SSD drive and the old one with Sandy or Ivy Bridge CPU does....

    Windows Client Guidance against speculative execution vulnerabilities-ps-check.jpg

    That's on my W10 system that's EOL-ed; yes there is a better acronym for that...
      My Computer


  10. Posts : 2,826
    Windows 10 Pro X64
       #59

    Hi,

    Seemingly, there will be lot of system that will not receive BIOS/EUFI updates.
    A bios/uefi update won't be fixing this vulnerability anyhow. Intel, Google, MS and so on are working on solutions for it.
    There are pretty recent (November 2017) micro code updates available for pretty much any cpu that needs it starting with the now prehistoric Pentiums and upwards.
    It does not resolve this vulnerability yet, just saying that there's hope for people with oldish hard ware.


    Cheers,
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 14:49.
Find Us




Windows 10 Forums