Close

Results 1 to 8 of 8
  1. #1
    DF Super Moderator JonEp's Avatar
    Join Date
    Oct 2007
    Location
    uk
    Posts
    2,326
    Thanks
    1,209
    Thanked:        941
    Karma Level
    372

    Default Meltdown and Spectre vulnerabilities.

    Meltdown and Spectre are serious vulnerabilities built into the chip set of nearly all the computers including brand new ones on sale in the stores.

    I have been trying to get all my kit patched, Most windows 10 patched Meltdown with an update but not Spectre which is apparently more difficult to fix.

    My servers refused to take any of the MS patches despite running Server 2016.

    I know there was problems with the patch, AV and a required registry key needed to be present for the patch to run. In the end the only way I got Meltdown protection was a re image and ran updates before install anything else.

    You can check the status of a computer using the free InSpectre tool [Only registered and activated users can see links. ]

    Has anyone else had any problems with this ?
    Last edited by JonEp; 7th May 2018 at 09:47 AM.

    Thanks to JonEp

    evilsatan (8th May 2018) 


  2. #2
    DF Jedi c0axial's Avatar
    Join Date
    Feb 2002
    Location
    M44
    Posts
    1,539
    Thanks
    184
    Thanked:        218
    Karma Level
    350

    Default Re: Meltdown and Spectre vulnerabilities.

    [Only registered and activated users can see links. ]

    [Only registered and activated users can see links. ]

    2 Thanks given to c0axial

    evilsatan (8th May 2018), JonEp (7th May 2018) 


  3. #3
    DF Super Moderator JonEp's Avatar
    Join Date
    Oct 2007
    Location
    uk
    Posts
    2,326
    Thanks
    1,209
    Thanked:        941
    Karma Level
    372

    Default Re: Meltdown and Spectre vulnerabilities.

    The reality is almost every laptop, PC, server and phone on sale in the likes of PCWorld etc is vulnerable to the attacks out of the box, never mind legacy kit.

    I wonder what the fall out will be longterm. Medical records, credit history and criminal records are are all for the taking if the vulnerabilities are able to be exploited as there appears to be no real fix and no secure hardware to replace?
    Last edited by JonEp; 8th May 2018 at 02:12 AM.

  4. #4
    DF Super Moderator
    evilsatan's Avatar
    Join Date
    Jul 2004
    Location
    Essex
    Posts
    20,150
    Thanks
    1,140
    Thanked:        3,318
    Karma Level
    1563

    Default Re: Meltdown and Spectre vulnerabilities.

    The "fixes" can have double digit impact on performance, reported to mainly affect processors over 4 years old such as Intel Ivy Bridge and earlier so that alone will put off some from patching. From what I've read the fixes so far require a Windows patch, Intel ME firmware upgrade (if on your system) and BIOS updates so most normal users won't have installed anything other then the Windows patch and depending on their AV that may not even install, let alone older systems where the BIOS won't be updated by the manufacturer.


  5. #5
    DF Super Moderator
    evilsatan's Avatar
    Join Date
    Jul 2004
    Location
    Essex
    Posts
    20,150
    Thanks
    1,140
    Thanked:        3,318
    Karma Level
    1563

    Default Re: Meltdown and Spectre vulnerabilities.

    My laptop is fully patched with little-no speed penalty according to Jons tool (coaxials tool was blocked by Chrome and Eset - presumably a false positive if it runs code to dummy exploit the vulns), but my main PC (i5-2500k) needs a microcode patch and this will affect the speed. This PC still powers through everything like a trooper, it's overclocked so will read up about real-world performance as this was such a popular proc. I read the blurb and it seems that if the BIOS won't be updated by the board manufacturer then Microsoft have released some patches if the processors have had the microcode patched by Intel:
    [Only registered and activated users can see links. ]

    Thanks to evilsatan

    c0axial (8th May 2018) 


  6. #6
    DF Rookie onemc4you's Avatar
    Join Date
    Apr 2019
    Location
    Slidell
    Posts
    4
    Thanks
    1
    Thanked:        0
    Karma Level
    0

    Default Re: Meltdown and Spectre vulnerabilities.

    All the patches are BS!
    Someone has to have physical contact with your server to do the Spector attack. Just lock your pc in a metal box and hide the key.

    Big brother in every device! All patches do is move the open door somewhere else.
    Atari computers are the only pcs not open to big brother attacks.

    Use virtual machines in linux and you better off!
    Windows as a server too much holes.


    Sent from my iPhone using Tapatalk

  7. #7
    DF Super Moderator Teajunkie's Avatar
    Join Date
    Dec 2009
    Location
    Devon
    Posts
    4,214
    Thanks
    1,879
    Thanked:        1,885
    Karma Level
    540

    Default Re: Meltdown and Spectre vulnerabilities.

    Why are you posting in threads that Haven’t been posted in for a year?
    are you looking to be banned on your second post?
    Instagram and twitter @mrteajunkie.

    Thanks to Teajunkie

    onemc4you (24th April 2019) 


  8. #8
    DF Rookie onemc4you's Avatar
    Join Date
    Apr 2019
    Location
    Slidell
    Posts
    4
    Thanks
    1
    Thanked:        0
    Karma Level
    0

    Default Re: Meltdown and Spectre vulnerabilities.

    I dont know. Tapatalk is to blame. It said it was new


    Sent from my iPhone using Tapatalk

Social Networking Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •