• Meltdown and Spectre from a Windows user’s point of view

    I continue to recommend that you keep your PC locked down. There’s no compelling reason to apply yesterday’s myriad Windows patches right now. You’ll have to apply them eventually, but a certain degree of caution and skepticism is in order.

    Besides, you aren’t completely patched until all of the other pieces — firmware, antivirus, browser — are in place, and none of those are ready.

    Computerworld Woody on Windows.

    UPDATE: Here’s one that scares me. A handful of researchers just published a method for using JavaScript to surreptitiously read data, via a browser:

    “In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it.”

    Note, in particular, that there are no fixes yet for Spectre — and there’s lots of speculation that such fixes may be a long, long way off.

    UPDATE: A very insightful post from Alasdair Allan

    UPDATE: Intel issued a press release that says, in part:

    “Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years.”

    What of processors that are more than five years old? Intel doesn’t say. But I was very surprised to discover, in the list of affected processors, references to:

    • Intel Atom® Processor C Series
    • Intel Atom® Processor E Series
    • Intel Atom® Processor A Series
    • Intel Atom® Processor x3 Series
    • Intel Atom® Processor Z Series
    • Intel® Celeron® Processor J Series
    • Intel® Celeron® Processor N Series
    • Intel® Pentium® Processor J Series
    • Intel® Pentium® Processor N Series

    I thought all of those were immune. Looks like they aren’t.