Intel Meltdown Vulnerability In Windows Computers
Ping!
The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.
If you want on or off the Mac Ping List, Freepmail me
Posted on 01/04/2018 6:45:29 AM PST by Red Badger
Only Intel machines are affected by Meltdown
Details have emerged on two major processor security flaws this week, and the industry is scrambling to issue fixes and secure machines for customers. Dubbed “Meltdown” and “Spectre,” the flaws affect nearly every device made in the past 20 years. The Meltdown flaw only affects Intel processors, and researchers have already released proof of concept code that could lead to attacks using Meltdown.
The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. They also allow an attacker to use JavaScript code running in a browser to access memory in the attacker’s process. That memory content could contain key strokes, passwords, and other valuable information. Researchers are already showing how easy this attack works on Linux machines, but Microsoft says it has “not received any information to indicate that these vulnerabilities have been used to attack customers at this time.” "Protecting a Windows PC is complicated"
Protecting a Windows PC is complicated right now, and there’s still a lot of unknowns. Microsoft, Google, and Mozilla are all issuing patches for their browsers as a first line of defence. Firefox 57 (the latest) includes a fix, as do the latest versions of Internet Explorer and Edge for Windows 10. Google says it will roll out a fix with Chrome 64 which is due to be released on January 23rd. Apple has not commented on how it plans to fix its Safari browser or even macOS. Chrome, Edge, and Firefox users on Windows won’t really need to do much apart from accept the automatic updates to ensure they’re protected at the basic browser level.
For Windows itself, this is where things get messy. Microsoft has issued an emergency security patch through Windows Update, but if you’re running third-party anti-virus software then it’s possible you won’t see that patch yet. Security researchers are attempting to compile a list of anti-virus software that’s supported, but it’s a bit of mess to say the least.
A firmware update from Intel is also required for additional hardware protection, and those will be distributed separately by OEMs. It’s up to OEMs to release the relevant Intel firmware updates, and support information for those can be found at each OEM support website. If you built your own PC you’ll need to check with your OEM part suppliers for potential fixes.
If you own a Windows-powered PC or laptop, the best thing to do right now is ensure you have the latest Windows 10 updates and BIOS updates from Dell, HP, Lenovo, or one of the many other PC makers. We’re hoping Microsoft or Intel creates a simple tool (they have a PowerShell script right now) to check protection for both the firmware and Windows updates, but until such a tool is available you’ll need to manually check or get familiar with PowerShell. Here’s a quick step-by-step checklist to follow for now:
Update to the latest version of Chrome (on January 23rd) or Firefox 57 if you use either browser Check Windows Update and ensure KB4056892 is installed for Windows 10 Check your PC OEM website for support information and firmware updates and apply any immediately
These steps only currently provide protection against Meltdown, the more immediate threat of the CPU flaws. Spectre is still largely an unknown, and security researchers are advising that it’s more difficult to exploit than Meltdown. The New York Times reports that Spectre fixes will be a lot more complicated as they require a redesign or the processor and hardware changes, so we could be living with the threat of a Spectre attack for years to come.
Update, 9:15AM ET: Removed links to Intel’s detection tool that a now deleted Microsoft security blog may have incorrectly referenced.
The only thing Intel is interested in is selling silicon. Software is just a means to an end. So of course, they’d rather spend as little on it as possible. It causes all kinds of horrible decisions.
I’m running 10.68 and have no intention of upgrading ever.
Just keep your browsers up to date and all will be well. Otherwise this is much to do about nothing.
No doubt all the new circuit boards being made in the future will have an updated firmware so this isn’t an issue in the future
Thanks for the info. I’ll start shutting down and updating immediately, even though it’s a pain in the neck!
Thanks!
I did a little digging and this is a pretty good article with several good links:
https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/
THanks. Just to make it clear, I am a bona fide techtard. I use Chrome and Firefox. I never updated Chrome or saw any notice about it, I will do a search and find out how. Windows 10 updates are breathing down my neck right now. I use the free Avast.
Is all the above sufficient, do you think?
Trying to look in to this can give a non-tech person a headache, but I’m glad I could help.
—On my way now to check out your article and crossing my fingers they don’t come up with new information that dooms old 32 bit computers. (My desktop’s got to be over 10 years old).
Since this is a hardware error, not a software error, the updates will all have to be implemented. Avast is only good for viruses and malware from outside. They may cover this as well, we’ll see.
The browsers and the OS, Windows 10, have not as yet released any updates That I am aware of to fix this, but they are working on it....................
I think it is very unlikely you need to do anything. But you can check to see if you have a Intel CPU Usually your case will have a sticker on it if it does, or hold down the Widows key (bottom left, with a flag on it) and the Pause/Break key at the same time and let go, which should give you that basic info. Or type msinfo32 in your run command (Windows key and the r key) and hit OK for a lot of info. You can also run dxdiag if you want more interesting data.
If it is Intel then download and run the Intel® Driver & Support Assistant and it should tell you what needs to be updated, and provide what is needed. Thanks be to God .
The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.
If you want on or off the Mac Ping List, Freepmail me
Running HS on a 2008 3,1 Mac Pro no noticeable slow downs from Yosemite days. (8 core Xenon w/SSD 16 gig RAM).
Thanks PIF for posting this reply. . . but it needs more information. Let me add to your comment:
iPhones need physical access AND THE USER'S PASSCODE, plus an Apple Certificated malware designed to rewrite the firmware app on the Apple App Store, to be compromised.
You had it almost correct on the iPhone/iPad part of it. . . and that is for the completely different mode of attack of the "Spectre" malware which affects Intel, AMD, and ARM based processors.
Thank you very much!
My laptop says “Intel Inside” Core 17.
Sadly it is Windows 10 which I hate.
I have a desktop but not using it yet.
Being a techtard, I never know what to do/not do unless a kind person has mercy and tells me. :-)
That's what they said about rowhammer and it was wrong. There was no viable exploit through Javascript and it was easy to preclude in a browser JS engine. The problem with all of these types of exploits is they require special instructions. Javascript doesn't allow arbitrary instruction execution.
The only threat from this flaw is if you run an exe. That's why the VM providers are rushing to patch, their customers can run any exe they want including a malicious exe that attacks the host or another guest VM. But on your own PC you must run a malicious exe with the special instructions. As long as you practice safe computing you won't do that.
Thank you very much.
I do appreciate knowledgeable people responding to those of kindergartner level (such as me).
Can’t take credit - got it from your post on another thread. You had not commented on this one so I though to spread the word. All thanks to you.
Nope, not really. The first macOS High Sierra 10.13.0 had a few bugs, but macOS High Sierra 10.13.1 solved the vast majority of those. Apple upgrade first releases are seldom perfect. It takes lots of people in the wild finding those pernicious hidden bugs using lots of variations of hardware and software mixes to find all of them, even with Apple where they control the whole widget.
There are several extremely important security upgrades between Yosemite and the last iteration of High Sierra you really need. If your hardware can use High Sierra, upgrade.
The point of antivirus is to preclude running malicious executables. If you don't run malicious executables then the intel flaw can't be exploited. But you don't need AV to preclude running malicious EXEs. Nor do you need any patch as long as you practice safe computing.
I know enough to cause trouble.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.