In fact no client sysytem should be patched. Only server where guest accounts with the ability to run the programs are permitted are affected by the attcks.
In fact no client sysytem should be patched. Only server where guest accounts with the ability to run the programs are permitted are affected by the attcks.With this huge effort and performance loss I fail to see why client devices even need a patch besides getting people to upgrade.
If Your browser run the malicious app, it will need no spectre/meltdown attack - it will already have a full access to your memory pool. Spectre and meltdown attacks are the ways to sneak to the other user's memory spaces from the guest account.The problem is that many programs bring their own built-in web browser (Steam, Stellaris Help, ...) for UI purposes. If they don't use proper site isolation or process isolation you might lose your account data or get hacked while using them. My personal opinion is that you should update.
VMware has pulled all patches that apply Intel's microcode updates, and recommends that users do not install them. If they have already been installed, you can't reverse the process, so they recommend disabling speculative execution entirely on every affected ESXi Host and rebooting every VM in that environment, then waiting until Intel releases more microcode updates, applying those, undoing your configuration change on your ESXi Host, and then rebooting every VM in your environment again. So everyone with VMware who's already applied patches is now looking at 2 guaranteed separate, and manually performed total VM outages as a reward for applying Intel's microcode updates.
It just keeps getting better! Fortunately we haven't patched anyone yet.
I assume that, especially on sites/apps with user generated or external content (Online Help Wikis, ads in Skype or other apps), malicious JavaScript code snippets could be embedded or slip through the checks.
In fact no client sysytem should be patched. Only server where guest accounts with the ability to run the programs are permitted are affected by the attcks.
Literally every client system that has an active web browser is at risk without patching.
Well, it said my i5-3330 prebuilt ASUS system was not vulnerable to meltdown, but was vulnerable to spectre.This is the perfect place to post that. That post should get its own thread + sticky in the CPU forum, actually.
at risk from whom or what? who knows exactly how to exploit that weakness? are we talking about 2-3 individuals on the planet with twisted minds?
Don't know if this is the place to post it or if it has been posted yet, but Steve Gibson put out an easy to use Spectre/Meltdown tool:
https://www.grc.com/inspectre.htm
Gibson Research has been around for over 30 years. How much more established do you expect?One of these days, one of those utils posing as security checkers, will mess up some systems.
You want a CPU checker? If powershell is not very easy, use the one from ashampoo. Better use tools from companies that have a long presence.
You think a couple people... They published how the exploit works in detail, so you must not be paying attention and just making random comments. How about all the countries/governments of the world putting their resources to exploit these vulnerabilities? Who is to say they are the first to discover these exploits? They are just the first to make them public! The nature of the attack leaves no log of the event, so no one would ever know it happened anyway! Who is to say that there are not ways to use this exploit that are not yet discovered, or they have been already implemented.at risk from whom or what? who knows exactly how to exploit that weakness? are we talking about 2-3 individuals on the planet with twisted minds?
Gibson Research has been around for over 30 years. How much more established do you expect?
Well if anyone is saying that Intel will be dead soon then sure. But, this is a big misstep and it will effect Intel greatly. The stock has taken a hit and will continue to do so as they lose out on market share. If the CEO does get investigated that too will effect the stock. If companies realize they are better off buying AMD for their next servers, they have allowed AMD into a market which Intel makes massive profits from.
Its not the end of Intel by any means, but its not good either. If Intel does not adapt to a competitive AMD while continuing to make missteps it will be the end of Intel in the future.
Blackberry ruled the roost, and consumer mindshare, until one product hit the market: the iphone. That is when Apple skyrocketed and Blackberry plummeted. intel's situation doesn't have to mirror these other companies' trajectory. A decline will always start somewhere, and this Meltdown affliction could be intel's 'iphone' where mindshare and confidence begins it's shift to the negative. Which as we've heard over and over pertaining to AMD, is what really matters.
It's most likely clean, but since it has additional functionality (can turn off protection for the vulnerabilities) some AV software is detecting it as malware. The way tests are performed might also matter. If you're using any other AV than Win Defender, it might have been deleted or quarantined at runtime.Huh.
Downloaded, went to install. Nothing popped up, then the installer deleted itself.
Is this clean?
Don't know if this is the place to post it or if it has been posted yet, but Steve Gibson put out an easy to use Spectre/Meltdown tool:
https://www.grc.com/inspectre.htm