Windows 10: Windows Client Guidance against speculative execution vulnerabilities

Hi,

A bios/uefi update won't be fixing this vulnerability anyhow. Intel, Google, MS and so on are working on solutions for it.
There are pretty recent (November 2017) micro code updates available for pretty much any cpu that needs it starting with the now prehistoric Pentiums and upwards.
It does not resolve this vulnerability yet, just saying that there's hope for people with oldish hard ware.


Cheers, *Wink

 

@Superfly
He has an AMD cpu, I believe. Does all that still apply?

 

I wish I was 50 *Wink

 

Bleeping Computer: Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online

 

Hi,

Ironic how AMD calls it "AMD Secure Processor"

If the PS scripts tells you that the CPU is not secure yet then you can trust that.

Cheers, *Wink

 

Ok, I see. AMD has a flaw similar to the Intel ME issue.

 

It seems so, they just published the article today.

 

Makes one wonder just what other flaws are likely to be discovered or if any processor has ever actually been secure or with the rate these "security" experts are discovering flaws, ever will be.

 

Nobody would have known about this(not even the black hats) and it have been fixed eventually and quietly with some updates in the effected OS's and still supported hardware BIOS, and no one would have been the wiser, not even the bad guys.

But for some dumba** Linux kernel developer that tagged his code with a #comment, and being open source it was quickly seen by someone else and that dumba** told the media*Banghead

 

I suggest no processor is provably secure or error free - discuss.

 

Solved in build 17046 with Powershell command Set-PSRepository psgallery -InstallationPolicy trusted which prompted me to install the latest version of NuGet. Credit to MaxMVP in a Reedit post found here.

 

Not a perfect world, but yes, it makes one wonder.

I agree, but the rat comes out of the hole eventually. It's like picking between the better of two evils. In the end it's better that it was caught before the bad guys found it. Thing is they should've kept it secret long enough to create a total fix first, if at all. None would've been the wiser. Now we have a period of time that the bad guys can exploit it. I may rant and rave that I may have to buy new hardware, but that's what concerns me most every time I boot a machine.

Like I said, it's not a perfect world, but how long has the chip architecture and processing code been written? Years ago, yes? You'd think out of all the educated in that field that someone would have caught this years ago. SFAIK Murphy's law, a legitimate rule, is taught in most engineering schools. Perhaps not in hardware and/or software engineering?

 

From the Intel White Paper PDF: Intel Analysis of Speculative Execution Side Channels

https://newsroom.intel.com/wp-conten...e-Channels.pdf

 

What about VMs, can it penetrate that ?

 

Hi,

Yes, it can.

Cheers, *Wink