Windows 10: Protect your Windows devices against Spectre and Meltdown

Page 6 of 7 FirstFirst ... 4567 LastLast

  1. Posts : 2,315
    Windows 10 Home x64 (Laptop), Windows 10 Pro x64 (Desktop)
       4 Weeks Ago #51

    Kbird said: View Post
    Haven't heard of his Site for a while either ...decided to try LeakTest like in the old days ....seems I have some work to do....

    KB.
    The DNS checker on his site is really useful. It polls all DNS servers accessible from your PC and identifies the fastest which may not be your internet service provider's. You can then set your default DNS server to a faster one if you want.
      My ComputersSystem Spec


  2. Posts : 18,912
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       3 Weeks Ago #52

      My ComputersSystem Spec


  3. Posts : 18,912
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       3 Weeks Ago #53

    To get the white papers on Meltdown & Spectre(and tons more technical information on the subject): Meltdown and Spectre

    Meltdown
    Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.

    If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure. Luckily, there are software patches against Meltdown.

    Spectre
    Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre

    Spectre is harder to exploit than Meltdown, but it is also harder to mitigate. However, it is possible to prevent specific known exploits based on Spectre through software patches.
      My ComputersSystem Spec

  4.    3 Weeks Ago #54

    The timing of the whole Meltdown/Spectre thing is peculiar. The major players were alerted to the vulnerability in June 2017 and after discussion decided that they would announce the problem on January 9, 2018. Probably with the notion that it would get lost in the noise from CES. So here's a conspiracy theory... ;-)

    Intel and AMD had considerable time to study the 3 vulnerabilities and figure out how their processors would be affected. AMD thought the impact on their processors would be minimal, withess their inital pronouncement when the news broke early. Intel realized Meltdown mitigation would have more of an impact on their processors than on AMD's so they decided to suggest a Meltdown fix to be applied to both Intel and AMD processors. Tom Lendacky, the Linux guy at AMD, figured this out and wrote a memo on December 26, 2017 stating that AMD processors were not vulnerable to Meltdown and should not have this fix applied: LKML: Tom Lendacky: [PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors

    That Tom Lendacky memo caught the attention of others too and a few days later an article appeared in "The Register" that exposed Meltdown/Spectre about a week earlier than planned.

    When Linus Torvalds saw this memo he realized that Intel was willing to compromise Linux performance on AMD machines so Intel machines would not be the only ones to suffer a performance hit. This apparently triggered his well publicised Intel rant.

    I expect Intel did the same thing with Microsoft. Thus, both Linux and MS had to scramble to re-code the changes they had been making to handle Meltdown, likely leading to the Win 10 releases that failed to boot on older AMD processors - still, it's hard to excuse MS for failing to test on at least one older AMD computer.

    I've got two older AMD machines with Win 10 (so Spectre 1 is patched). Neither is likely to ever see a BIOS update so there's little choice but to hope that AMD's opinion is correct: Spectre 2 is very difficult to weaponize on AMD. Even the toy versions of Spectre 2 don't work reliably on AMD according to the original reports.
      My ComputerSystem Spec


  5. Posts : 213
    Windows 10 PRO
       3 Weeks Ago #55

    gadgetbuilder said: View Post
    the timing of the whole meltdown/spectre thing is peculiar. The major players were alerted to the vulnerability in june 2017 and after discussion decided that they would announce the problem on january 9, 2018. Probably with the notion that it would get lost in the noise from ces. So here's a conspiracy theory... ;-)

    intel and amd had considerable time to study the 3 vulnerabilities and figure out how their processors would be affected. Amd thought the impact on their processors would be minimal, withess their inital pronouncement when the news broke early. Intel realized meltdown mitigation would have more of an impact on their processors than on amd's so they decided to suggest a meltdown fix to be applied to both intel and amd processors. Tom lendacky, the linux guy at amd, figured this out and wrote a memo on december 26, 2017 stating that amd processors were not vulnerable to meltdown and should not have this fix applied: lkml: Tom lendacky: [patch] x86/cpu, x86/pti: Do not enable pti on amd processors

    that tom lendacky memo caught the attention of others too and a few days later an article appeared in "the register" that exposed meltdown/spectre about a week earlier than planned.

    When linus torvalds saw this memo he realized that intel was willing to compromise linux performance on amd machines so intel machines would not be the only ones to suffer a performance hit. This apparently triggered his well publicised intel rant.

    I expect intel did the same thing with microsoft. Thus, both linux and ms had to scramble to re-code the changes they had been making to handle meltdown, likely leading to the win 10 releases that failed to boot on older amd processors - still, it's hard to excuse ms for failing to test on at least one older amd computer.

    I've got two older amd machines with win 10 (so spectre 1 is patched). Neither is likely to ever see a bios update so there's little choice but to hope that amd's opinion is correct: Spectre 2 is very difficult to weaponize on amd. Even the toy versions of spectre 2 don't work reliably on amd according to the original reports.
    aaaaaaaaaah!! Nooooooo!!!!! It's a conspiracy!!!

    Click image for larger version. 

Name:	aluhoedje.jpg 
Views:	80 
Size:	111.7 KB 
ID:	174568
      My ComputerSystem Spec


  6. Posts : 165
    Windows 10 Pro x64 16299.248
       3 Weeks Ago #56

    Microsoft Issues Windows Out-of-Band Update

      My ComputerSystem Spec

  7.    3 Weeks Ago #57

    this was mentioned in yesterday's Intel Security Posting too.... about 1/2 way down

    Intel Product Security Center
      My ComputerSystem Spec

  8.    3 Weeks Ago #58

    indianacarnie said: View Post
    Don't get it. MSi and Intel both tell me I'm safe and patched, but InSpectre tells me I'm not. Wonder why?
    Attachment 174595Attachment 174596Attachment 174597
    Cos that is the Wrong Intel Tool , it is for November's Issue.... Not M&S Issue in Dec.
      My ComputerSystem Spec

  9.    3 Weeks Ago #59

    I guess I was deleting my post as you were replying. I just went back to Intel and got the Intel ME FW Update Tool. It is dated 28Jan18 same as that InSpectre tool. Same result.
    Click image for larger version. 

Name:	126Capture.PNG 
Views:	7 
Size:	29.5 KB 
ID:	174605Click image for larger version. 

Name:	127Capture.PNG 
Views:	72 
Size:	22.6 KB 
ID:	174606
      My ComputerSystem Spec


  10. Posts : 1,535
    Microsoft Windows 10 Home 64-bit
       3 Weeks Ago #60

    I got this HP Convertible at the end of December and it has an AMD A9 processor, even though I'm up to date with all necessary Windows updates and since upgraded the BIOS and UEFI firmware from HP for this machine that tool from Steve's site still showed Spectre Protected: NO!
    I did read somewhere that even with the necessary patches and upgrades some machines could still be vulnerable though.
      My ComputersSystem Spec


 
Page 6 of 7 FirstFirst ... 4567 LastLast

Related Threads
I am running FCU Win 10 Pro on a MSI P35 Neo F v1 motherboard with Core 2 Duo E8400 CPU. I have ran the MS controlsettings script which informs me I am protected from Spectre by Windows Update but not Meltdown without a BIOS/Microcode update. As...
Emergency Windows Meltdown patch locks some AMD PCs into endless loop - TechRepublic
Source: Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems Microsoft Secure
Source: Meltdown and Spectre: what you need to know - Malwarebytes Labs | Malwarebytes Labs See also: Windows Client Guidance against speculative execution vulnerabilities - Windows 10 Forums
Hi,I have purchased the above machine and need some advice on a few aspects...HP have loaded their own updater/messages/support software which I would like to unload. Is this safe and recommended? Will removing this also remove any HP loaded device...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:42.
Find Us