Replies

I’ve rolled back to Dec on 3 Win 7 PC’s. Do I have it right that the April Monthly Rollup, KB 4093118, has been fixed and is OK to install for Win7-64 PC’s?

“This is code that can retrieve or change any data in memory from a running program. Before it kicks in, a would-be attacker has to get the program running on your machine.” Does this mean something must be downloaded?

Should anti-virus be looking for signatures of this code..is it defensible?

Are users vulnerable to a drive by exploit..like a just being on a web page?

Win 7 with Feb 2018 update…reluctant to roll back, but assessing the the risk.

On several Win7 64 PC’s I have Feb and Dec security roll-ups installed. I could uninstall the Feb roll-up and be safe from Total meltdown…or, since an exploit has just come out and I have multiple anti-malwares and practice safe computing..avoiding the badlands..I could just wait till Microsoft pushes out a safe patch…maybe a month..maybe never…or until the exploit appears to be really causing problems..a bet that I won’t be patient 0 =>10,000.

I’m leaning towards the latter, but this whole mess is really over my head so I’m open to other opinions or options.

MARCH MADNESS I’m skipping the patch version and sticking to basketball…what a mess.

1 user thanked author for this post.

SueW

I’m sticking with Windows 7..at least till they stop security updates in 2020 and possibly well beyond. Watching the Win 10 parade of horrors from afar has been entertaining but makes me glad I have resisted upgrade offers and new PC deals. Speaking of the latter..how many have decided to hold off till Intel fixes it’s chips.

Microsoft updates are breaking/impairing way more PC’s than any malware they might prevent. I’m coming to the view that safe practices and multi-layer anti-malware are a better solution than update roulette [similar to Russian variety, but it’s your PC’s ‘brain’ that’s wiped out].

2 users thanked author for this post.

OscarCP, Cybertooth

Just ran across article claiming flaws discovered 7 months ago https://www.theverge.com/2018/1/11/16878670/meltdown-spectre-disclosure-embargo-google-microsoft-linux

Sorry if already posted..haven’t read all comments.

Anyone know anything about google’s Reptoline patch? https://www.theinquirer.net/inquirer/news/3024392/google-claims-its-spectre-patch-results-in-no-degradation-to-system-performance

Firefox patched 57.0.4 – https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ This link indicates Firefox ESR 52.x isn’t vulnerable.

This list https://www.techarp.com/guides/Complete-Meltdown-Spectre-Cpu-List/3/

Indicates that the  2009 Core 2 duo e8400s power a few of my Win7 desktops may not be vulnerable since they are not listed…or could be just not tested..since there’s no chance of processor microcode update on these Win 7 e8400 boxes and the win 7 update will likely slow them down considerably, I’m considering just stopping updates and relying on multiple layers of anti-virus, -malware, -exploit, -ransomeware & -spyware to keep me safe. The patches are a bigger threat anyway.

Given that there are no reported exploits in the wild, the patches will likely slow the PC’s and reasonable good practice will protect cautious users since malware must be delivered to the PC for this vulnerability to be exploited…there is no good reason to patch until they get it fixed.

The worse threat to PC health continues to be bad patches and bad patching practices…beta testing for Microsoft..pioneers wear arrow shirts.

9 users thanked author for this post.

JDeC, OscarCP, lurks about, Cascadian, woody, Cybertooth, SueW, Seff

I found this plain English article useful…my notes below link:

https://www.cnet.com/news/Spectre-Meltdown-Intel-Arm-Amd-Processor-Cpu-Chip-Flaw-Vulnerability-FAQ/
major vulnerabilities, called Spectre and Meltdown, could let an attacker capture information they shouldn’t be able to access, like passwords and keys.
The good news is that hackers would first need to install malicious software on your computer in order to take advantage of these flaws..they need to select their targets and hack each one of them before running a sophisticated attack to steal a computer’s sensitive information.

So good security practices…antivirus, avoiding phish attacks and updating should mitigate threat risks.

Pentium Pro was kicked off in 1995 https://en.wikipedia.org/wiki/Pentium_Pro way more than the 10 years quoted in articles…gotta wonder if Alex has the real scoop on this.

This from securities analyst covering Intel: “The firmware issue impacts most of INTC’s microprocessor products ranging from its “Core” PC family (gens 1-8), “Xeon” servers (E3-1200 v5 & v6, Scalable, and W families), to others – in other words, this could impact most processors manufactured by INTC over the last 10 years.” …not saying Alex is wrong..just that most reporting differs.

The download was linked in this 11/20 article where the US Govt warns businesses to take the security flaw seriously https://www.reuters.com/article/us-intel-cyber-vulnerability/u-s-government-warns-businesses-about-cyber-bug-in-intel-chips-idUSKBN1DM01R

This warning had way less visibility than the current disclosure, but I believe it refers to the same flaw.

Regarding the insider sales, note that the CEO sold 9 days after this disclosure so his a*** is covered.

I sold 100% of intel today at a higher price than the CEO..primarily because this flaw and the resulting slowdown really p***** me off.

I’d like to see a list of processors affected by the bug. I’m running several PC’s that have 10 year old processors..which may give the option of declining the patch. I’m dead certain the patch won’t discriminate between intel processors  and probably won’t exclude AMD processors that don’t have the flaw given Microsoft isn’t exactly sensitive to user experience and Intel will get the blame.

This is a less technical summary of the problem: https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html

Intel offers a detection tool to see if your processor is vulnerable https://downloadcenter.intel.com/download/27150

Unfortunately, the output on my elderly PC wasn’t helpful: “This system may be vulnerable, either the Intel(R) MEI/TXEI driver is not installed (available from your system manufacturer) or the system manufacturer does not permit access to the ME/TXE from the host driver.” YMMV

8 users thanked author for this post.

Lori, gkarasik, woody, wdburt1, OscarCP, SueW, Elly, Bill C.

Is there a [reasonably easy] way to still get the November Win7 roll-up patch? Successfully patched a test box a few days ago, but got busy and didn’t look at patching until today.. Too late?

They only box that notifies me of updates..but doesn’t automatically install them shows only the December patch…too risky.

My quick & dirty research indicates this is not a real issue…notes:

NOT SPYWARE https://mspoweruser.com/HP-Responds-To-Touchpoint-Analytics-Service-Spyware-Allegations/
* https://www.laptopmag.com/articles/HP-Touchpoint-Analytics-Controversy
* HP said:    HP Touchpoint Analytics is a service we have offered since 2014 as part of HP Support Assistant. It anonymously collects diagnostic information about hardware performance. No data is shared with HP unless access is expressly granted. Customers can opt-out or uninstall the service at any time. HP Touchpoint Analytics was recently updated and there were no changes to privacy settings as part of this update. We take customer privacy very seriously and act in accordance with a strict policy, available here.
Service  only designed to collect hardware performance data for which HP asked permission on the initial setup of your PC. While the data is collected on your local hard drive, they are only uploaded to HP if there was an actual support incident, and then only with the user’s permission.  denied that the app consumed significant resources, saying it underwent intensive performance testing to make sure that it doesn’t have a negative impact on the user experience.
The app (HP Touchpoint Analytics Client) can also be easily uninstalled in the Apps & Features section of Windows 10.

Thanks for the abbreviation list…put it in my Win10 file in case of temporary insanity that causes me to buy a win 10 PC.. The complexity of the versions and what has to be done to keep it from being derailed by Microsoft boggles. I just hope there’s a more stable OS and management when the end of security updates forces me to update.