A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows 7 » Windows 7 Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Meltdown & Spectre



 
 
Thread Tools Rate Thread Display Modes
  #1  
Old January 14th 18, 07:56 PM posted to alt.windows7.general
No_Name
external usenet poster
 
Posts: 160
Default Meltdown & Spectre

What's the best protection against these ?

Penalty for any cybercrime should be death !
Ads
  #2  
Old January 14th 18, 08:23 PM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Meltdown & Spectre

wrote

| What's the best protection against these ?
|
| Penalty for any cybercrime should be death !

My approach is to wait. It sounds like AMD CPUs
have very little risk, anyway. And there have already
been problems on some systems with patches that
have been released.


  #3  
Old January 14th 18, 09:02 PM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Meltdown & Spectre

wrote:
What's the best protection against these ?

Penalty for any cybercrime should be death !


Do your Patch Tuesday, for Meltdown. Note that
Microsoft doesn't use Meltdown in the KB for the
patch, making it harder to identify.

Update Firefox to 57.0.4 for Javascript timing
attack protection. Patch Tuesday will patch IE
for you (Spectre), while for Firefox the initial
Spectre protection is a browser update.

Those are the two kinds of high-value updates at the moment.

*******

Some day. there may be a microcode update in your
future. Ars has an article you could have a look at.
Microsoft hasn't shipped Microcode on the 9th, but Linux did.

https://arstechnica.com/gadgets/2018...t-performance/

There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not. This one just
checks some Registry stuff.

https://support.microsoft.com/en-ca/...ngs-powershell

There are people working on tests that try to exploit
the holes, and that will be a better test than the
Speculation-control approach. The one mention of
such code I found, said it wasn't ready yet. I suspect
it's probably pretty close to ready now.

*******

Just two options at the moment, give the best (safest)
fix. That's Patch Tuesday, plus patch any non-MS browsers
you might be using. For Firefox, that's 57.0.4.

Paul
  #5  
Old January 15th 18, 08:41 AM posted to alt.windows7.general
PeterC
external usenet poster
 
Posts: 98
Default Meltdown & Spectre

On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:

There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not.


Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it
could be on Softpedia etc.
--
Peter.
The gods will stay away
whilst religions hold sway
  #6  
Old January 15th 18, 08:54 AM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Meltdown & Spectre

PeterC wrote:
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:

There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not.


Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it
could be on Softpedia etc.


Is it a Registry value checker ?

Or an actual exploit tester ?

We've been promised by one of the Meltdown/Spectre
researchers, there'd be an exploit tester that
could check whether you're received some kind of
protection or not.

For the first item, there's a Powershell script.

I'm not aware of any "finished" item for the second type,
as the whole process got rushed at the last minute.

Is the Ashampoo a copy of someone elses program, or
their own creation ?

Paul
  #7  
Old January 15th 18, 01:40 PM posted to alt.windows7.general
No_Name
external usenet poster
 
Posts: 160
Default Meltdown & Spectre

Still the same total asshole I see ...
  #8  
Old January 15th 18, 04:46 PM posted to alt.windows7.general
PeterC
external usenet poster
 
Posts: 98
Default Meltdown & Spectre

On Mon, 15 Jan 2018 02:54:55 -0500, Paul wrote:

PeterC wrote:
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:

There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not.


Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it
could be on Softpedia etc.


Is it a Registry value checker ?

Or an actual exploit tester ?

We've been promised by one of the Meltdown/Spectre
researchers, there'd be an exploit tester that
could check whether you're received some kind of
protection or not.

For the first item, there's a Powershell script.

I'm not aware of any "finished" item for the second type,
as the whole process got rushed at the last minute.

Is the Ashampoo a copy of someone elses program, or
their own creation ?

Paul


Sorry, don't know, but this should have the details:
https://www.ashampoo.com/en/usd/pin/...wn-CPU-Checker
--
Peter.
The gods will stay away
whilst religions hold sway
  #9  
Old January 15th 18, 10:36 PM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Meltdown & Spectre

PeterC wrote:
On Mon, 15 Jan 2018 02:54:55 -0500, Paul wrote:

PeterC wrote:
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:

There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not.
Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it
could be on Softpedia etc.

Is it a Registry value checker ?

Or an actual exploit tester ?

We've been promised by one of the Meltdown/Spectre
researchers, there'd be an exploit tester that
could check whether you're received some kind of
protection or not.

For the first item, there's a Powershell script.

I'm not aware of any "finished" item for the second type,
as the whole process got rushed at the last minute.

Is the Ashampoo a copy of someone elses program, or
their own creation ?

Paul


Sorry, don't know, but this should have the details:
https://www.ashampoo.com/en/usd/pin/...wn-CPU-Checker


Virustotal says it's clean, and it's a .NET program.

A Hex Editor shows it is making Powershell calls.

So it's basically piggy backing off the Microsoft program.
Which means it should be as good at it, as the Microsoft
powershell command line version.

KVAShadowWindowsSupportPresent

https://support.microsoft.com/en-us/...ngs-powershell

Now, it could have actual exploit checks too, but I cannot
detect that with a hex editor.

Just a guess,
Paul
  #10  
Old January 18th 18, 02:13 AM posted to alt.windows7.general
Stan Brown
external usenet poster
 
Posts: 2,904
Default Meltdown & Spectre

On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:
There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not. This one just
checks some Registry stuff.

https://support.microsoft.com/en-ca/...ngs-powershell


There's also a program, InSpectre, from grc.com:
https://www.grc.com/inspectre.htm



--
Stan Brown, Oak Road Systems, Tompkins County, New York, USA
http://BrownMath.com/
http://OakRoadSystems.com/
Shikata ga nai...
  #11  
Old January 18th 18, 04:02 AM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Meltdown & Spectre

Stan Brown wrote:
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:
There is also some kind of Powershell command for
checking whether the identified exploits have been
patched on a system yet or not. This one just
checks some Registry stuff.

https://support.microsoft.com/en-ca/...ngs-powershell


There's also a program, InSpectre, from grc.com:
https://www.grc.com/inspectre.htm


All I've been able to determine so far, is it *might*
be using the CPUID and the Revision number and making
some shrewd guesses.

This is based on testing it in a Win10 VM, and using WINE
in Linux, to see how it would handle things.

I'm not convinced (yet) that it's implementing exploits,
like the one in the twitter message (where someone scraped
info they shouldn't have been able to access).

It's still a useful utility.

Thinking about it, I don't think the White Hats really
want to give all that much sample exploit code to the
Black Hats. And maybe that's why the utilities I've tried
so far (inSpectre excepted) have been registry sniffers.
The other utilities just check to see if Microsoft
set or made available, various registry entries.

Paul
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 01:25 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.