Protect your Windows devices against Spectre and Meltdown

Page 6 of 9 FirstFirst ... 45678 ... LastLast

  1. Posts : 7,090
    Windows 10 Pro 64 bit
       #50

    Kbird said:
    Haven't heard of his Site for a while either ...decided to try LeakTest like in the old days ....seems I have some work to do....

    KB.
    The DNS checker on his site is really useful. It polls all DNS servers accessible from your PC and identifies the fastest which may not be your internet service provider's. You can then set your default DNS server to a faster one if you want.
      My Computers


  2. Posts : 26,355
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #51

      My Computers


  3. Posts : 26,355
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #52

    To get the white papers on Meltdown & Spectre(and tons more technical information on the subject): Meltdown and Spectre

    Meltdown
    Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.

    If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure. Luckily, there are software patches against Meltdown.

    Spectre
    Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre

    Spectre is harder to exploit than Meltdown, but it is also harder to mitigate. However, it is possible to prevent specific known exploits based on Spectre through software patches.
      My Computers


  4. Posts : 6
    Win 10 Pro x64 Build 20H2
       #53

    The timing of the whole Meltdown/Spectre thing is peculiar. The major players were alerted to the vulnerability in June 2017 and after discussion decided that they would announce the problem on January 9, 2018. Probably with the notion that it would get lost in the noise from CES. So here's a conspiracy theory... ;-)

    Intel and AMD had considerable time to study the 3 vulnerabilities and figure out how their processors would be affected. AMD thought the impact on their processors would be minimal, withess their inital pronouncement when the news broke early. Intel realized Meltdown mitigation would have more of an impact on their processors than on AMD's so they decided to suggest a Meltdown fix to be applied to both Intel and AMD processors. Tom Lendacky, the Linux guy at AMD, figured this out and wrote a memo on December 26, 2017 stating that AMD processors were not vulnerable to Meltdown and should not have this fix applied: LKML: Tom Lendacky: [PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors

    That Tom Lendacky memo caught the attention of others too and a few days later an article appeared in "The Register" that exposed Meltdown/Spectre about a week earlier than planned.

    When Linus Torvalds saw this memo he realized that Intel was willing to compromise Linux performance on AMD machines so Intel machines would not be the only ones to suffer a performance hit. This apparently triggered his well publicised Intel rant.

    I expect Intel did the same thing with Microsoft. Thus, both Linux and MS had to scramble to re-code the changes they had been making to handle Meltdown, likely leading to the Win 10 releases that failed to boot on older AMD processors - still, it's hard to excuse MS for failing to test on at least one older AMD computer.

    I've got two older AMD machines with Win 10 (so Spectre 1 is patched). Neither is likely to ever see a BIOS update so there's little choice but to hope that AMD's opinion is correct: Spectre 2 is very difficult to weaponize on AMD. Even the toy versions of Spectre 2 don't work reliably on AMD according to the original reports.
      My Computer


  5. Posts : 1,568
    Windows 10 HOME 64-BIT
       #54

    gadgetbuilder said:
    the timing of the whole meltdown/spectre thing is peculiar. The major players were alerted to the vulnerability in june 2017 and after discussion decided that they would announce the problem on january 9, 2018. Probably with the notion that it would get lost in the noise from ces. So here's a conspiracy theory... ;-)

    intel and amd had considerable time to study the 3 vulnerabilities and figure out how their processors would be affected. Amd thought the impact on their processors would be minimal, withess their inital pronouncement when the news broke early. Intel realized meltdown mitigation would have more of an impact on their processors than on amd's so they decided to suggest a meltdown fix to be applied to both intel and amd processors. Tom lendacky, the linux guy at amd, figured this out and wrote a memo on december 26, 2017 stating that amd processors were not vulnerable to meltdown and should not have this fix applied: lkml: Tom lendacky: [patch] x86/cpu, x86/pti: Do not enable pti on amd processors

    that tom lendacky memo caught the attention of others too and a few days later an article appeared in "the register" that exposed meltdown/spectre about a week earlier than planned.

    When linus torvalds saw this memo he realized that intel was willing to compromise linux performance on amd machines so intel machines would not be the only ones to suffer a performance hit. This apparently triggered his well publicised intel rant.

    I expect intel did the same thing with microsoft. Thus, both linux and ms had to scramble to re-code the changes they had been making to handle meltdown, likely leading to the win 10 releases that failed to boot on older amd processors - still, it's hard to excuse ms for failing to test on at least one older amd computer.

    I've got two older amd machines with win 10 (so spectre 1 is patched). Neither is likely to ever see a bios update so there's little choice but to hope that amd's opinion is correct: Spectre 2 is very difficult to weaponize on amd. Even the toy versions of spectre 2 don't work reliably on amd according to the original reports.
    aaaaaaaaaah!! Nooooooo!!!!! It's a conspiracy!!!

    Protect your Windows devices against Spectre and Meltdown-aluhoedje.jpg
      My Computer


  6. Posts : 803
    Windows 10 Enterprise x64 19044.1737
       #55

    Microsoft Issues Windows Out-of-Band Update

      My Computer


  7. Posts : 2,295
    Win10 202H
       #56

    this was mentioned in yesterday's Intel Security Posting too.... about 1/2 way down

    Intel Product Security Center
      My Computers


  8. Posts : 2,295
    Win10 202H
       #57

    indianacarnie said:
    Don't get it. MSi and Intel both tell me I'm safe and patched, but InSpectre tells me I'm not. Wonder why?
    Attachment 174595Attachment 174596Attachment 174597
    Cos that is the Wrong Intel Tool , it is for November's Issue.... Not M&S Issue in Dec.
      My Computers


  9. Posts : 1,327
    Windows 10 Home x64
       #58

    I guess I was deleting my post as you were replying. I just went back to Intel and got the Intel ME FW Update Tool. It is dated 28Jan18 same as that InSpectre tool. Same result.
    Protect your Windows devices against Spectre and Meltdown-126capture.pngProtect your Windows devices against Spectre and Meltdown-127capture.png
      My Computer


  10. Posts : 2,277
    Microsoft Windows 10 Home 64-bit
       #59

    I got this HP Convertible at the end of December and it has an AMD A9 processor, even though I'm up to date with all necessary Windows updates and since upgraded the BIOS and UEFI firmware from HP for this machine that tool from Steve's site still showed Spectre Protected: NO!
    I did read somewhere that even with the necessary patches and upgrades some machines could still be vulnerable though.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:32.
Find Us




Windows 10 Forums