Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Meltdown & Spectre Vulnerability..Any known way to prevent this?


  • Please log in to reply
34 replies to this topic

#1 Beel

Beel

  • Members
  • 416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:41 AM

Posted 04 January 2018 - 06:27 AM

Security researchers have disclosed a set of security flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel, Advanced Micro Devices and ARM Holdings.

One of the bugs is specific to Intel but another affects laptops, desktop computers, smartphones, tablets and internet servers alike. - Intel and ARM insisted that the issue was not a design flaw, but it will require users to download a patch and update their operating system to fix. - "Phones, PCs, everything are going to have some impact, but it'll vary from product to product," Intel CEO Brian Krzanich said yesterday. 


Edited by quietman7, 04 January 2018 - 04:42 PM.


BC AdBot (Login to Remove)

 


#2 Platypus

Platypus

  • Global Moderator
  • 15,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:11:41 AM

Posted 04 January 2018 - 06:39 AM

Operating systems have to be patched. Linux patches are out now, Windows is expected to be patched Update Tuesday next week.

 

Patches and other mitigations have been released for Server versions of Windows:

 

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

 

https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/


Edited by Platypus, 04 January 2018 - 07:44 AM.

Top 5 things that never get done:

1.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:41 PM

Posted 04 January 2018 - 07:49 AM

...Apple Inc. and Microsoft Corp. had patches ready for desktop computers affected by Meltdown. Microsoft said that a majority of its Azure cloud services used by businesses had already been patched and protected and that it is issuing a Windows security update...Intel had been testing fixes that device makers who use its chips will push out next week...Intel has begun providing software and firmware updates to mitigate these exploits...ARM spokesman Phil Hughes said that patches had already been shared with the companies partners...

Security flaws affecting chips from Intel, AMD and ARM could put virtually all phones and computers at risk

you won’t get any patches installed unless and until your antivirus software sets a specific registry key.

Windows, Meltdown and Spectre: Keep calm and carry on

Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:41 PM

Posted 04 January 2018 - 09:57 AM

Microsoft and Alex Ionescu have tools for Meltdown/Spectre:

SpecuCheck Tool
Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Beel

Beel
  • Topic Starter

  • Members
  • 416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:41 AM

Posted 04 January 2018 - 10:19 AM

Many thanks to you both.. :thumbup2:



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:41 PM

Posted 04 January 2018 - 12:10 PM

You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:41 PM

Posted 04 January 2018 - 04:30 PM

BC has released a couple more related news articles today.
 
How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws
Microsoft Releases Emergency Updates to Fix Meltdown and Spectre CPU Flaws

Microsoft also warns that the Meltdown and Spectre security fixes are incompatible with some anti-virus products....Microsoft says that when anti-virus vendors update their product to support the Meltdown and Spectre patches, they've been instructed to create a custom registry key on the OS, which will allow Windows to download and receive the proper security fixes (if the user also agrees to it).

 

CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre) Windows antivirus patch compatibility


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:41 PM

Posted 04 January 2018 - 04:59 PM

Since a lot of our members use Emsisoft...Christian Mairoll posted Chip vulnerabilities and Emsisoft: What you need to know
Fabian tweeted.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 pcpunk

pcpunk

  • Members
  • 6,235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:07:41 PM

Posted 05 January 2018 - 12:29 AM

My system is Vulnerable as stated by the Intel Tool: Intel-SA-00086 Detection Tool. 

 

I have the RegEdit done.

 

I Downloaded and Installed the "Intel Management Engine Interface Driver" from Dell for my machine, though it is from 2015.  I ran the Intel-SA-00086 Detection Tool again, and my machine is still vulnerable. 

 

I also downloaded the "2018-01 Security Only Quality Update for Windows 7 for x64-based Systems (KB4056897)" and installed it.  Seems like the most important thing is the Management Engine Firmware, what now?  Still showing "Vulnerable"

 

What's all the hoopla about, there have been no attacks?  I guess it's good that everyone is on top of it ahead of time.


Edited by pcpunk, 05 January 2018 - 08:32 AM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#10 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,705 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:11:41 AM

Posted 05 January 2018 - 07:12 AM

 

Canonical engineers have been working on this since we were made aware under the embargoed disclosure (November 2017) and have worked through the Christmas and New Years holidays, testing and integrating an incredibly complex patch set into a broad set of Ubuntu kernels and CPU architectures.

Ubuntu users of the 64-bit x86 architecture (aka, amd64) can expect updated kernels by the original January 9, 2018 coordinated release date, and sooner if possible.  Updates will be available for:

  • Ubuntu 17.10 (Artful) — Linux 4.13 HWE
  • Ubuntu 16.04 LTS (Xenial) — Linux 4.4 (and 4.4 HWE)
  • Ubuntu 14.04 LTS (Trusty) — Linux 3.13
  • Ubuntu 12.04 ESM** (Precise) — Linux 3.2
    • Note that an Ubuntu Advantage license is required for the 12.04 ESM kernel update, as Ubuntu 12.04 LTS is past its end-of-life

Ubuntu 18.04 LTS (Bionic) will release in April of 2018, and will ship a 4.15 kernel, which includes the KPTI patchset as integrated upstream.

https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:41 PM

Posted 05 January 2018 - 01:54 PM

Win7 Monthly Rollup KB 4056894 signals early, abbreviated Patch Tuesday
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 AM

Posted 05 January 2018 - 02:00 PM

My system is Vulnerable as stated by the Intel Tool: Intel-SA-00086 Detection Tool. 

 

I have the RegEdit done.

 

I Downloaded and Installed the "Intel Management Engine Interface Driver" from Dell for my machine, though it is from 2015.  I ran the Intel-SA-00086 Detection Tool again, and my machine is still vulnerable. 

 

I also downloaded the "2018-01 Security Only Quality Update for Windows 7 for x64-based Systems (KB4056897)" and installed it.  Seems like the most important thing is the Management Engine Firmware, what now?  Still showing "Vulnerable"

 

What's all the hoopla about, there have been no attacks?  I guess it's good that everyone is on top of it ahead of time.

 

This Intel tool is for Intel ME vulnerabilities, not for Meltdown/Spectre vulnerabilities.

 

Microsoft and Alex Ionescu have tools for Meltdown/Spectre:
SpeculationControl: https://support.microsoft.com/en-gb/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
SpecuCkech: https://github.com/ionescu007/SpecuCheck/releases

 

Use these to check your systems.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:41 PM

Posted 05 January 2018 - 05:03 PM

Reactions to Meltdown and Spectre exploits

Strip-Intel-Meltdown-Spectre-english650-
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 pcpunk

pcpunk

  • Members
  • 6,235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:07:41 PM

Posted 05 January 2018 - 06:18 PM

This Intel tool is for Intel ME vulnerabilities, not for Meltdown/Spectre vulnerabilities.

 

Microsoft and Alex Ionescu have tools for Meltdown/Spectre:
SpeculationControl: https://support.microsoft.com/en-gb/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
SpecuCkech: https://github.com/ionescu007/SpecuCheck/releases

 

Use these to check your systems.

 

Now have to open a whole other Thread! LOL.

 

SpeculationControl: I tried to use this process from the Bleeping News Page/Link, but it would not run on my pc?  In Powershell in Admin Mode, and used the directions when one experiences an Error.

 

SpecuCkech: Should I do this?  Should and where should I start a new Thread..here?

 

Thanks, pc


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#15 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 AM

Posted 05 January 2018 - 06:33 PM

You can trust the author of SpecuCheck, Alex Ionescu.

 One of the things he did is co-author this book with Mark Russinovich: http://www.alex-ionescu.com/?p=335


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users