|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
Patch Lady – How to update Win10 to fix Spectre, Meltdown and other side channel vulnerabilities
Patch Lady Susan Bradley’s latest column in CSOOnline:
In January 2018, security news media was abuzz over a new class of vulnerability called side channel vulnerabilities. Spectre, Meltdown and Foreshadow are some of the best known. They exploit weaknesses in speculative execution in microprocessors to leak unauthorized information. Side channel vulnerabilities allow attackers to bypass account permissions, virtualization boundaries and protected memory regions.
Patching these vulnerabilities is not easy. They are mitigated by a combination of patches from both the chipset vendor and the operating system provider. Worse, there is often a noticeable performance hit after installing these updates…
Windows servers in particular need specific guidance as most of the protections are not enabled by default.
If you’re running a server that’s potentially at risk, it would behoove you to read this article.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
WU help needed with “Some settings are managed by your organization”
by 3 hours, 17 minutes ago
-
No Newsletters since 27 January
by 7 hours, 26 minutes ago
-
Linux Mint Debian Edition 7 gets OEM support, death of Ubuntu-based Mint ?
by 7 hours, 46 minutes ago
-
Windows Update “Areca Technology Corporation – System – 6.20.0.41”
by 2 hours, 35 minutes ago
-
Google One Storage Questions
by 10 hours, 6 minutes ago
-
Button Missing for Automatic Apps Updates
by 5 hours, 22 minutes ago
-
Ancient SSD thinks it’s new
by 2 hours, 21 minutes ago
-
Washington State lab testing provider exposed health data of 1.6 million people
by 18 hours, 5 minutes ago
-
WinRE KB5057589 fake out
by 11 hours, 25 minutes ago
-
The April 2025 Windows RE update might show as unsuccessful in Windows Update
by 2 hours, 3 minutes ago
-
Firefox 137
by 12 minutes ago
-
Whisky, a popular Wine frontend for Mac gamers, is no more
by 1 day, 6 hours ago
-
Windows 11 Insider Preview build 26120.3863 (24H2) released to BETA
by 1 day, 6 hours ago
-
Windows 11 Insider Preview build 26200.5551 released to DEV
by 1 day, 6 hours ago
-
New Windows 11 PC setup — can I start over in the middle to set up a local id?
by 2 hours, 32 minutes ago
-
Windows 11 Insider Preview Build 26100.3902 (24H2) released to Release Preview
by 1 day, 10 hours ago
-
Oracle kinda-sorta tells customers it was pwned
by 1 day, 16 hours ago
-
Global data centers (AI) are driving a big increase in electricity demand
by 2 days, 2 hours ago
-
Office apps read-only for family members
by 2 days, 5 hours ago
-
Defunct domain for Microsoft account
by 2 days, 2 hours ago
-
24H2??
by 2 hours, 25 minutes ago
-
W11 23H2 April Updates threw ‘class not registered’
by 1 day, 10 hours ago
-
Master patch listing for April 8th, 2025
by 2 hours, 16 minutes ago
-
TotalAV safety warning popup
by 1 day, 1 hour ago
-
two pages side by side land scape
by 4 days, 3 hours ago
-
Deleting obsolete OneNote notebooks
by 4 days, 5 hours ago
-
Word/Outlook 2024 vs Dragon Professional 16
by 3 days, 7 hours ago
-
Security Essentials or Defender?
by 3 days, 10 hours ago
-
April 2025 updates out
by 8 hours, 11 minutes ago
-
Framework to stop selling some PCs in the US due to new tariffs
by 3 days, 4 hours ago
Remembering Woody
