Cumulative Update KB4482887 Windows 10 v1809 Build 17763.348 - March 1 Win Update

Page 15 of 34 FirstFirst ... 5131415161725 ... LastLast
  1. CountMike's Avatar
    Posts : 16,707
    W10 Insider + Linux
       #140

    Ita1 said:


    Updated March 5, 2019:

    While the phased rollout is in progress, customers who would like to manually enable Retpoline on their machines can do so...


    https://techcommunity.microsoft.com/...ws/ba-p/295618
    Is that only Intel "Thing" or it affects AMD too?
      My Computers


  2. Posts : 297
    Windows 10 Pro x64
       #141

    Re-upload.

    @IronZorg89 I just missed the header of the top Speculation control settings for CVE-2017-5715 [branch target injection]

    @ddelo You really noticed it.
    Attached Thumbnails Attached Thumbnails Cumulative Update KB4482887 Windows 10 v1809 Build 17763.348 - March 1-untitled.png  
    Last edited by khanmein; 05 Mar 2019 at 23:32.
      My Computer

  3. boombastik's Avatar
    Posts : 316
    Windows 10 X64 latest
       #142

    Skylake and later generations of Intel processors are not compatible with retropoline only with optimizations.
    I think because they have tsx instructions.


      My Computer

  4. ddelo's Avatar
    Posts : 1,838
    Windows 10 Pro x64
       #143

    CountMike said:
    Is that only Intel "Thing" or it affects AMD too?

    Mike my understanding is that it's for AMD CPUs too, as it says in the Microsoft Windows Kernel Internals blog post.
    However, this construct is only safe to use on processors where the RET instruction does not speculate based on the contents of the indirect branch predictor. Those processors are all AMD processors as well as Intel processors codenamed Broadwell and earlier according to Intel’s whitepaper. Retpoline is not applicable to Skylake and later processors from Intel.
      My Computer

  5. hTconeM9user's Avatar
    Posts : 2,765
    Windows 10x64 Home Version 1909 (Build 18363) 836
       #144

    Downloaded installed and all working ok
      My Computer

  6. IronZorg89's Avatar
    Posts : 1,683
    Windows 10 pro x64-bit
       #145

    khanmein said:
    Why your screenshot is not showing:
    Speculation control settings for CVE-2017-5715 [branch target injection]

    I suppose it is the one at the very top, but without the header.
      My Computers

  7. ddelo's Avatar
    Posts : 1,838
    Windows 10 Pro x64
       #146

    IronZorg89 said:
    Why your screenshot is not showing:
    Speculation control settings for CVE-2017-5715 [branch target injection]

    I suppose it is the one at the very top, but without the header.
    It is, Speculation control settings for CVE-2017-5715 [branch target injection]... it says so, but he scrolled down and missed the header
      My Computer


  8. IronZorg89's Avatar
    Posts : 1,683
    Windows 10 pro x64-bit
       #147

    It really boggles the mind to see while MS is fixing or mitigating flaws related to Spectre variant 2 with retpoline, new look-alike spectre flaws are being discovered. The following is an excerpt from zdnet:
    Like the Spectre and Meltdown attacks revealed in January 2018, Spoiler also abuses speculative execution in Intel chips to leak secrets. However, it targets a different area of the processor called the Memory Order Buffer, which is used to manage memory operations and is tightly coupled with the cache.

    All Intel chips open to new Spoiler non-Spectre attack: Don't expect a quick fix

    All Intel chips open to new Spoiler non-Spectre attack - Windows 10 Forums
    Last edited by Brink; 05 Mar 2019 at 16:18. Reason: link
      My Computers

  9. IronZorg89's Avatar
    Posts : 1,683
    Windows 10 pro x64-bit
       #148

    ddelo said:
    It is, Speculation control settings for CVE-2017-5715 [branch target injection]... it says so, but he scrolled down and missed the header
    That's what I thought; so, I was right.
      My Computers

  10. Ztruker's Avatar
    Posts : 10,253
    Windows 10 Pro X64 1909 18363.815
       #149

    I applied the registry changes and now Retpoline is active for me as well:

    Get-SpeculationControlSettings
    For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629

    Speculation control settings for CVE-2017-5715 [branch target injection]

    Hardware support for branch target injection mitigation is present: True
    Windows OS support for branch target injection mitigation is present: True
    Windows OS support for branch target injection mitigation is enabled: True

    Speculation control settings for CVE-2017-5754 [rogue data cache load]

    Hardware requires kernel VA shadowing: True
    Windows OS support for kernel VA shadow is present: True
    Windows OS support for kernel VA shadow is enabled: True
    Windows OS support for PCID performance optimization is enabled: True [not required for security]

    Speculation control settings for CVE-2018-3639 [speculative store bypass]

    Hardware is vulnerable to speculative store bypass: True
    Hardware support for speculative store bypass disable is present: False
    Windows OS support for speculative store bypass disable is present: True
    Windows OS support for speculative store bypass disable is enabled system-wide: False

    Speculation control settings for CVE-2018-3620 [L1 terminal fault]

    Hardware is vulnerable to L1 terminal fault: True
    Windows OS support for L1 terminal fault mitigation is present: True
    Windows OS support for L1 terminal fault mitigation is enabled: True


    BTIHardwarePresent : True
    BTIWindowsSupportPresent : True
    BTIWindowsSupportEnabled : True
    BTIDisabledBySystemPolicy : False
    BTIDisabledByNoHardwareSupport : False
    BTIKernelRetpolineEnabled : True
    BTIKernelImportOptimizationEnabled : True

    KVAShadowRequired : True
    KVAShadowWindowsSupportPresent : True
    KVAShadowWindowsSupportEnabled : True
    KVAShadowPcidEnabled : True
    SSBDWindowsSupportPresent : True
    SSBDHardwareVulnerable : True
    SSBDHardwarePresent : False
    SSBDWindowsSupportEnabledSystemWide : False
    L1TFHardwareVulnerable : True
    L1TFWindowsSupportPresent : True
    L1TFWindowsSupportEnabled : True
    L1TFInvalidPteBit : 45
    L1DFlushSupported : False
      My Computers


 

Related Threads
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:53.
Find Us




Windows 10 Forums