Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spectre v.2 mitigations?


  • Please log in to reply
2 replies to this topic

#1 saluqi

saluqi

  • Members
  • 653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:12:01 PM

Posted 01 May 2018 - 07:42 PM

Perhaps this is a dumb question.  If so, don't hesitate to tell me.

 

Some days ago there was an article on the BC site entitled "Microsoft Releases Two New Windows Updates Containing New Spectre 2 Mitigations".  These were manual-only Windows 10 updates for the CVE-2017-5715 (Spectre v.2) vulnerability:  KB4078407 (software only) and KB4091666 for Intel processors only, including a firmware update.  My possibly stupid question is, are these only for situations in which no OEM firmware update has been made available?  I have two Dell computers, one desktop and one laptop.  Both have Intel processors.  To the best of my understanding I have installed the appropriate software mitigations as they became available, and Dell has made a firmware update available for each of these machines, which I have also duly installed.

 

So am I correct in thinking that these two new manual-only updates from Microsoft are not necessary, and might even be inappropriate or harmful for these machines?  I'd prefer to think that "If it ain't broke, don't fix it!" applies here.

 

Steve Gibson's "InSpectre" program, Release #8, reports "yes" to all 3 questions (Meltdown protected, Spectre protected, and firmware update available) and "Good" performance.



BC AdBot (Login to Remove)

 


#2 saluqi

saluqi
  • Topic Starter

  • Members
  • 653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:12:01 PM

Posted 02 May 2018 - 08:38 PM

Well, today we read from Catalin Cimpanu:

 

 

Microsoft's patches for the Meltdown vulnerability have had a fatal flaw all these past months, according to Alex Ionescu, a security researcher with cyber-security firm Crowdstrike.

Only patches for Windows 10 versions were affected, the researcher wrote today in a tweet. Microsoft quietly fixed the issue on Windows 10 Redstone 4 (v1803), also known as the April 2018 Update, released on Monday.

 

The v1803 update has not yet come my way (are we supposed to wait for it, or have the ground rules been changed?) so I suppose this will take care of itself in due course.  

 

This does, however, prompt me to re-formulate my original question, in what I hope are simpler terms:

 

I have two Dell computers, one desktop (XPS 8700) and one laptop (Inspiron 5537).  Both have Intel Core i7 processors, 4th generation, Haswell 22 nm technology.  Both have had their firmware updated using the patches provided by Dell to mitigate CVE-2017-5715, the Spectre v.2 vulnerability.  The now current BIOS versions are A12 for the desktop, A10 for the laptop, dated respectively 2/5/2018 and 1/24/2018.  Both are AFAIK the most recent available BIOS versions for their respective machines.  Both machines pass the Gibson Research InSpectre program (release #8) with flying colors (Meltdown Protected - Yes, Spectre protected - Yes, Microcode update available - Yes, Performance - Good).

 

The software mitigations for Meltdown and for Spectre v.1 were installed long ago - not the dicey ones at the beginning of January, but the next round, I'd have to look up when.

 

So question arising, are the software and microcode updates KB4078407 and KB4091666, offered by Intel on an "on demand" basis as per Catalin's recent notice, relevant here, or are they (as I would like to think) irrelevant because I have already installed the software mitigations and the Intel/OEM microcode updates?

 

Sorry for the dumb questions, but I think I'm not the only one who has found this whole flapdoodle a bit confusing <G>.



#3 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:01 AM

Posted 02 May 2018 - 09:16 PM

You most definitely are not the only one to find this flapdoodle confusing, saluqi....not by a longshot !!!.... (the only dumb questions are those not asked)


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users