Meltdown and Spectre
 

Anyone not getting windows update's through for Jan 2018 because of these problems ? I haven't suffered any blue screen or an unbootable pc.

I updated my windows 7 yesterday and another today with no dramas kb 4056894
My PC has an ancient intel chip from 2006
Windows defender disabled due to Avast



On askwoody theres this

Microsoft yanks all of this month’s Windows patches for “devices with impacted AMD processors”

Posted on January 9th, 2018

Early this morning, Microsoft officially announced that it was pulling all of this month’s Meltdown/Spectre patches for folks with AMD processors.

https://www.askwoody.com/2018/micros...md-processors/

January security patches are out - No known exploits

https://www.askwoody.com/2018/januar...oming-shortly/

Risk Based Security brings some sanity to the Meltdown debacle

https://www.askwoody.com/2018/risk-b...tdown-debacle/


Bottom line is still the same for us personal browser users

Using a Script blocker has become a necessity

From ransomware to bitcoin mining
- entering a site in trusting mode isnt smart

Script Safe for Chrome
https://chrome.google.com/webstore/d...hbdbdgdf?hl=en

No Script for Firefox etc - the newest version with FF57 not great like the browser
https://addons.mozilla.org/en-US/fir...ddon/noscript/

No Script for palemoon - older more familiar version
https://addons.palemoon.org/addon/noscript/

This looks like one of the biggest screw-ups in PC history!
Mine is an AMD so i'll hang fire for a while I think....

Intel will patch all recent chips by the end of January
90 percent of recent processors affected by Meltdown/Spectre will see fixes this week.

There's still no word on a timeline for when affected processors made more than five years ago will be patched.

9th January 2018
https://www.engadget.com/2018/01/08/...ecurity-patch/



edit



Windows Meltdown-Spectre patches: If you haven't got them, blame your antivirus
Microsoft says your antivirus software could stop you from receiving the emergency patches issued for Windows.

Liam Tung
By Liam Tung | January 4, 2018 --

http://www.zdnet.com/article/windows...our-antivirus/

Semi off topic

There was an update for Mac users today for this issue,
Was gonna be gone for a few hours today so I did it while gone, came back some 5 hours later and was all done so don't know how long it took but everything seems to be operating OK :thumbsup:

You wont be needing that imac pro then

You've got to love MS

The one group who werent even affected by the chip debacle , those with AMD CPUs
get a blue screen of death invitation from MS via windows updates

They actually think their updates are a big help

History says their as good as malware all too often

Well the updates have appeared on the security guide for me but still unsure about installing KB4056897 at 36.2mb file size. I have a AMD chip in mine.

This one makes me sad...
 

Intel CEO sold all the stock he could after Intel learned of security bug
so he knew about the facts and...http://vintage-erotica-forum.com/images/icons/icon8.gif

As askwoody has been warning for year after year

Let others be the beta testers with windows updates



From an amd cpu perspective theres nothing to gain and everything to lose
even when they get the anti-virus issue fixed

Known issues in this update

Microsoft is working with AMD to resolve this issue and resume Windows OS security updates to the affected AMD devices via Windows Update and WSUS as soon as possible. If you have experienced an unbootable state or for more information see KB4073707.

For AMD specific information please contact AMD.

January 3, 2018—KB4056897 (Security-only update)
Applies to: Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1

https://support.microsoft.com/en-au/...date-kb4056897

Know the difference To: 1.Preposition (used for expressing motion or direction toward a point, person, place, or thing approached and reached, as opposed to from): They came to the house. 2. (used for expressing direction or motion or direction toward something) in the direction of; toward: from north to south. Too: adverb: 1. To a higher degree than is desirable, permissible, or possible; excessively. 2. in addition. Two: number cardinal number: 1. Equivalent to the sum of one and one; one less than three.

Everyone in the same (leaky?) boat?;):rolleyes:

A lot of scare mongering going on about the possibilities

INTEL CHIP FLAW: WHAT ANDROID, IPHONE, APPLE MAC AND WINDOWS USERS NEED TO DO TO STAY SAFE

http://www.independent.co.uk/life-st...-a8141421.html

Didn't get the BSOD myself but after patching it did trigger startup repair and rolled backed to a restore point. Utterly useless patch. Who is coding this garbage. It seems no one even tested it beyond the one odd ball AMD someone had over in the corner. Heck, I bet you they were brain dead enough to test this on a virtual machine and gave it flying colors. :)

i have mixed feelings about W10. Some parts are nice, but as an upgrade of W7 i have experienced it as a nightmare.

^^^ what he said.

First of all-- its a vulnerability that was discovered first by security researchers -- hat's off to them. So, so far as we know, there are no exploits in circulation, though no doubt bad actors are working on them as fast as they can.

Second, whatever performance hits are incurred by patches will be worst in the first patch, over time you'd expect subsequent iterations to be more efficient with less of a performance hit.

So in the grand scheme of things for a typical user this amounts to nothing more than "keep your system up to date and patched", which is what you want to do anyway.

Now what?

http://www.bbc.co.uk/news/technology-42788169

Ignore it unless your experiencing issues

I've not been rebooted even once

More likely Vef as a site might experience a slow down



Intel admits that its Meltdown/Spectre firmware patches trigger reboots on
Haswell and Broadwell computers - (Intel's 4th & 5th-gen CPUs)

If you own a PC with a Haswell or Broadwell processor (roughly 2014 to 2016 vintage), its strongly recommended that you refrain from installing the Meltdown/Spectre firmware updates, when they arrive.

12/1/2018
https://www.askwoody.com/2018/intel-...ell-computers/


Intel said its "initial analysis" for business cases such as running website servers showed a slowdown of 2%.

But it added that when it simulated a stock brokerage making transactions, the chips saw a 4% reduction in performance.

The most significant reduction in performance involved computer servers that store and retrieve large volumes of data. For those, the slowdown could be as severe as 25%.

18/1/2018 - Intel fix causes reboots and slowdowns
http://www.bbc.com/news/technology-42733032

Since this Meltdown stuff came out I've been noticing problems with Windows 7 and Webroot. Every time I turn my computer on it asks if Webroot is allowed to make changes. It's never done that until recently. Until I downloaded some updates the system wouldn't acknowledge that Webroot was running.

Did the updates very gingerly. One at a time, setting a restore point each time.
So far so good, but have ignored the 2 "optional" updates, which the MS knowledge
base has flagged as both having issues (so why the fuck are they still there?)

W 8.1 AMD cpu.

The interaction between an antivirus/security app like Webroot and the OS is always a very tricky thing. An anti-virus program is like a cop-- its "allowed to see" stuff that nothing else can see, but its not a "government cop", its a hired contractor cop. I've never liked third party AVs for this reason; whatever they do, its at an OS-like level, but if its from some third party, its not actually part of the OS.

As a result, changes to the OS aren't coordinated with the AV vendor, and patches or other changes can produce weirdness; that's why every helpdesk troubleshoot starts with "turn off your antivirus".