Windows 10: Windows Client Guidance against speculative execution vulnerabilities

Page 72 of 73 FirstFirst ... 226270717273 LastLast

  1. Posts : 69
    Win10 Pro x64 / WinServer 2016 Essentials
       21 May 2018 #710

    [QUOTE=Polo6RGTI;1377200]I'm running a Beta BIOS from MSI

    A month has gone by since last releases and INTEL are cooking away no doubt.
      My ComputerSystem Spec

  2.    21 May 2018 #711

    Steve C said: View Post
    Hope we have a fix soon. I wonder how long the intelligence agencies have been exploiting this vulnerability?

    Mitigation against Spectre Variant 1 is supposed to protect against that particular exploit.

    I would love to ask an engineer who worked on the Itanium processor if they knew about some of these vulnerabilities almost 20 years ago.
      My ComputerSystem Spec

  3.    3 Weeks Ago #712

    In what seems like a drastic move, OpenBSD will be disabling hyper-threading on Intel machines. Apparently, hyper-threading makes it easier to exploit speculative executive side-channel vulnerabilities.

    https://www.theregister.co.uk/2018/0...yperthreading/
      My ComputerSystem Spec


  4. Posts : 395
    Windows 10 Pro 1803 17134.137
       3 Weeks Ago #713

    Yes - Its been pretty quiet. The one I'm Interested in is for ASUS. I talked to their tech support just after Intel released the last batch of code and when it would be available for my ASUS system. They stated some time in June. I checked on Monday, but nothing on the support site for my system. Maybe their (ASUS) June will be like the April Release of Win 10 ????

    Probably August ??
      My ComputersSystem Spec

  5.    3 Weeks Ago #714

    You don't need manufacturer bios to mitigate, only OS microcode update and the internal OS support for mitigation, look at the Microsoft KB article for the patch for your system version and the mitigation will be enabled on next reboot, check with inspectre.
    What I am interested in is the not yet released microcodes for latest side channel vulnerability that lately has been patched but not activated automatically.
      My ComputerSystem Spec

  6.    3 Weeks Ago #715

    er557 said: View Post
    You don't need manufacturer bios to mitigate, only OS microcode update and the internal OS support for mitigation, look at the Microsoft KB article for the patch for your system version and the mitigation will be enabled on next reboot, check with inspectre.
    What I am interested in is the not yet released microcodes for latest side channel vulnerability that lately has been patched but not activated automatically.

    Given that Variant 3a and Variant 4 are not considered to be critical vulnerabilities, Microsoft might not provide the microcode updates from Intel. But it's likely that there are additional yet-to-be-disclosed speculative execution side-channel vulnerabilities that are more severe. And since CPU microcode updates are cumulative, when Microsoft provides the microcode updates that mitigate those more severe vulnerabilities, the microcode updates should also provide protection against Variant 3a and Variant 4.
      My ComputerSystem Spec

  7.    2 Weeks Ago #716

    Intel processors (and probably AMD processors) have a new side-channel vulnerability called TLBleed. This is the vulnerability that apparently prompted OpenBSD to disable hyper-threading on all Intel processors. But contrary to what I stated about a week ago, the vulnerability (which can be used to leak encryption keys) does not appear to have anything to do with speculative execution.


    https://www.zdnet.com/article/tlblee...t-to-be-fixed/
      My ComputerSystem Spec


  8. Posts : 326
    Windows 10 x64 17134.165
       5 Days Ago #717

    Intel's Dirty Dozen:
    Security Center
      My ComputersSystem Spec

  9.    4 Days Ago #718

    Polo6RGTI said: View Post
    Intel's Dirty Dozen:
    Security Center
    With earlier vulnerabilities they provided a ME / AMT tool you could run to check for defective firmware.

    There doesn't appear to be anything you can use to check for any of these vulnerabilities and verify you have updated the images correctly.

    Manually reading the security notes and deciding which are applicable and tracking them to resolution is not appealing. Relying on manufacturers for support is largely spotty.

    Don't want to sound overly tin-hat but firmware vulnerabilities can't be corrected by securing the software.
      My ComputersSystem Spec

  10.    4 Days Ago #719

    There are two more speculative execution side-channel vulnerabilities: Variant 1.1 and Variant 1.2.

    It's unclear if current protection against Variant 1 provides sufficient protection against these two new variants.


    https://www.bleepingcomputer.com/news/security/new-spectre-11-and-spectre-12-cpu-flaws-disclosed/



      My ComputerSystem Spec


 
Page 72 of 73 FirstFirst ... 226270717273 LastLast

Related Threads
The PowerShell script execution policies enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer. Windows PowerShell has four different execution policies: Execution Policy Description ...
Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
Source: Google Online Security Blog: Disclosing vulnerabilities to protect users
Windows 10 - Need some guidance on recovery in Installation and Upgrade
One of my spare Windows 10 machines is on life support. I must have clobbered it somehow when I was tweaking the multiple display settings ( to incorporate a HDMI projector). It actually worked fine all week, but today, when I tired to set it...
Read more: http://www.zdnet.com/article/microsoft-offers-it-guidance-to-prepare-for-windows-as-a-service/
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 06:04.
Find Us