Meltdown & Spectre is melting ME down!

Topic

New Reply

My real first name is Gary. This is my very first post here, so if I make a mistake or do something I shouldn’t, please understand, gently correct me and try to help me. Thank you!

This whole Meltdown & Spectre debacle is the first issue in my 25-yr+ PC history that I just cannot seem to get my head around. I am thoroughly confused as to what I should do about it. Here’s my constraints:

1. Most of my Motherboards are too old to expect the manufacturers to update the BIOS against the threat. I cannot afford to upgrade my aging but still quite useful PC equipment to make myself immune to it.
2. I do not want to “upgrade” to Windows 10 at this time or in the very near future. Windows 7 works just fine and I like it. Also, I have some Mission Critical software I need to run my business that absolutely will not run in Win 10.
3. I do not have the time to read and sort through literally hundreds of online articles to find out what to do. This is the main reason why I have joined the forum here.
4. I do not want to install ANY update that will slow down my PC’s, regardless of the supposed threat. I am willing to take my chances. I have 3 Firewalls and multiple AV software on most of my PCs. I know how to stay safe online and how to recognize threatening and suspicious activity on my network and online.

Premise: I have stopped most updates for Windows 7, which is running on all my devices except mobile. I know this is not good, but I just cannot find specific enough information as to exactly what to do. I have been looking online for months.

My Question: Is there a specific list somewhere, of all the historical and proposed updates for Windows 7 and Server 2008 R2 that are known to or should be expected to, cause a decrease in a Windows 7 PC running the “older” CPUs & hardware? I am looking for a list that gives me specific KB numbers, and not just a generalized discussion. Those generalized talks literally proliferate the internet. I have spend dozens of hours on this search, and so far, I have been unable to find a comprehensive and specific list. Does anyone know where I might find such a list?

Thank you in advance!
Gary

Too much hardware to itemize, but none of it newer than 4 years ago. Basically, I use or take care of 8 Desktops, 6 Laptops, 3 Tablets, 4 Smart TVs and 6 Cellphones. Most of them connected to my 52TB Media Server currently running Windows Home Server 2011 (soon to be Server 2012 or 2016).

Reply | Quote

Replies

I am going to give you a general answer in spite of the fact you say you don’t want one.

Win7 Monthly ROLLUPS delivered through Windows Update are currently CUMULATIVE. That means the latest on contains the fixex from the past updates. ALL of the Monthly ROLLUPS since (and including) January 2018 contain Meltdown/Spectre mitigation(s), which MAY slow down your PC, particularly if it is older technology. How much of a slowdown is will depend on the particular hardware. I believe you will notice it more the harder you push the PC.

Reply | Quote

Thank you PKCano! I appreciate your taking the time to reply. However, you have not told me anything I did not already know. If I can find such a list as the one I described, my intention is to not only avoid future updates, but to UNinstall any such updates that may have already gotten past me and installed. I know that Monthly Rollups are just an accumulation of multiple smaller updates, any one of which can be installed or uninstalled individually. This is my intent.

Thank you again!
Gary

Too much hardware to itemize, but none of it newer than 4 years ago. Basically, I use or take care of 8 Desktops, 6 Laptops, 3 Tablets, 4 Smart TVs and 6 Cellphones. Most of them connected to my 52TB Media Server currently running Windows Home Server 2011 (soon to be Server 2012 or 2016).

Reply | Quote

Gary: What is your current Rollup level, that is, are you now at the December 2017 level, or (for instance) March 2018 level, or where?. Or does it vary by machine?

“I know that Monthly Rollups are just an accumulation of multiple smaller updates, any one of which can be installed or uninstalled individually.”
By “any one” do you mean “any month’s Rollup”, or do you mean any “smaller update”?

I believe that a Rollup is an all-or-nothing package. This is not similar to the [g]olden days when Microsoft issued Service Packages that bundled many patches into one big package.

PK: Do we have a breakdown of which monthly Rollups added new mitigations for that month? This information might be useful if one wanted to do incremental rollups, and test performance after each. But: some month’s packages introduced other problems too, so it would be hit-or-miss, perhaps even on a machine-by-machine basis, as to acceptability. A configuration management nightmare.

Reply | Quote

PaulK: Thank you for your response. My current Rollup level is circa Feb/Mar, but does vary somewhat by PC. Beginning Feb, I started looking at each update ESPECIALLY the Rollups and if ANYTHING was mentioned about Meltdown-Spectre, I either hid it or just ignored it. However, most of my everyday PC’s are AMD, which negated (at last in the beginning) anything to do with Meltdown. So far, I haven’t noticed any degradation in performance, AMD or Intel. BUT, there are some updates that need to be done that have nothing to do with Meltdown-Spectre. It has just become too big of a job for me to handle to tell the difference. Hence, my post.

Too much hardware to itemize, but none of it newer than 4 years ago. Basically, I use or take care of 8 Desktops, 6 Laptops, 3 Tablets, 4 Smart TVs and 6 Cellphones. Most of them connected to my 52TB Media Server currently running Windows Home Server 2011 (soon to be Server 2012 or 2016).

Reply | Quote

PaulK: I meant to add this:

I’m not normally this kind of person, but this whole thing is starting to smell like a huge conspiracy by several of the really big players in the PC industry to give the industry a much needed shot in the arm by scaring people into purchasing new hardware and/or software. Reason being that to date, over a period of MANY months, there has not been a single attack related to Meltdown or Spectre, Worlwide!! Huh? Sounds a bit fishy to me at this point in time. I’m not trying to make a case for it, just throwing it out there right now.

 

Too much hardware to itemize, but none of it newer than 4 years ago. Basically, I use or take care of 8 Desktops, 6 Laptops, 3 Tablets, 4 Smart TVs and 6 Cellphones. Most of them connected to my 52TB Media Server currently running Windows Home Server 2011 (soon to be Server 2012 or 2016).

2 users thanked author for this post.

The Surfing Pensioner, Carl D

Reply | Quote

There are plenty of exploits that are not yet / may never be exploited. It’s worth knowing about them and having manufacturers factor that into their designs. It’s a bit like a car recall, maybe only 3 cars are affected, but thousands have the fix applied.

cheers, Paul

Reply | Quote

Paul T wrote:

There are plenty of exploits that are not yet / may never be exploited. It’s worth knowing about them and having manufacturers factor that into their designs. It’s a bit like a car recall, maybe only 3 cars are affected, but thousands have the fix applied. cheers, Paul

Well, maybe – but just a tiny bit. You don’t hear about people complaining that their car doesn’t have the passing power it had before they recalled and fixed that faulty air bag, do you? Just saying  …   

 

Too much hardware to itemize, but none of it newer than 4 years ago. Basically, I use or take care of 8 Desktops, 6 Laptops, 3 Tablets, 4 Smart TVs and 6 Cellphones. Most of them connected to my 52TB Media Server currently running Windows Home Server 2011 (soon to be Server 2012 or 2016).

Reply | Quote

I’d just like to clarify somethings…

The Monthly Quality and Security Updates for Group A updating are cumulative and are designed to bring you up to date by merely installing the most recent one… they include the Meltdown and Specter updates that you say you want to avoid. You can’t just skip the month/months that they were initially issued, because they are included in the most recent cumulative update.

The Security Only Updates for Group B are also roll-ups of all security patches being offered for each month. You can avoid applying updates for a particular month, but then you also miss any other fixes for that month. The first Meltdown/Spector patch introduced was in January 2018- KB 4056897… and it introduced Total Meltdown, which had to have another fix. I initially updated successfully to June 2018 (Group B) but finally decided to stay at December 2017 when I had to reinstall because of a dying hard drive. Pausing at December 2017 allowed me to miss all the Meltdown/Specter updating and slowing of my computer. I’m not recommending this; I’m a non-techy that is satisfied with frequent backing up, safe browsing habits, etc… weighing my risks/benefits. This is not a recommendation for others.

I cannot tell you which other month patches may have included OS slowing Meltdown/Specter fixes, only that January 2018 had the first.

Non-techy Win 10 Pro and Linux Mint experimenter

2 users thanked author for this post.

GDog, Northwest Rick

Reply | Quote

I’m with you, Elly.  I rolled updates back to Dec 2017 in April and haven’t looked back since… or perhaps I should say I haven’t looked AHEAD since! I manually create weekly restore points in addition to the ones created automatically, and I do complete system image back-ups religiously on multiple DVD+RW discs every other month, always keeping the three most recent editions (6-month coverage) for contingent redundancy, such as unexpected disc failure in a given edition.

So far, so good, my Win7 Home Premium is humming along, haven’t needed to use any of my safety nets yet. I started out as a strong (and rather vocal – sorry!) partisan of Group B, but M$ wore me down with ceaseless and relentless poison pill updates.

Now I am blissfully reclined on the Group W bench, not a care in the world! The end of Win7 support is just around the corner, anyway. I merely bailed out a little early. I am going to ride my 7-year-old desktop (it started out as Vista) until the wheels fall off. Then I may just thumb my nose at M$ and switch to an Apple (yet ANOTHER learning curve to climb – groan!)

I’ll miss you intrepid loungers! That is, unless Woody decides to diversify into offering advice and guidance on the Apple OS as well! That wouldn’t be a bad way to keep the contributions flowing (hint, hint).  

__________________

Win7 Home Premium, 64B, Group B |—> Group W |—> inevitable end of support!

Reply | Quote

Northwest Rick wrote:

I’ll miss you intrepid loungers! That is, unless Woody decides to diversify into offering advice and guidance on the Apple OS as well! That wouldn’t be a bad way to keep the contributions flowing (hint, hint).

Rick:

Here is the link to our MAC forum:

https://www.askwoody.com/forums/forum/askwoody-support/other-platforms-for-windows-wonks/macos-for-windows-wonks/

…and the link to our iOS forum:

https://www.askwoody.com/forums/forum/askwoody-support/other-platforms-for-windows-wonks/ios-for-windows-wonks/

Jim

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

2 users thanked author for this post.

Northwest Rick, woody

Reply | Quote

Personally, I’m moving slowly toward the Chromebook.

I’ve been struggling with this (details to follow), but I think AskWoody should try to embrace questions (and answers!) for all platforms.

1 user thanked author for this post.

Northwest Rick

Reply | Quote

Thank you MrJimPhelps, and of course Da Boss!

I don’t know Thing One about the Chromebook except that 1) it represents YET ANOTHER learning curve to climb, and 2) it is associated with Google, which for me comes in at a close second to M$ on the suspicion scale. I abandoned Google search for DuckDuckGo some time ago, and bailed out on the snoopy Gmail even before that.

Before you pounce on me for having gone back to Outlook Live (the former Hotmail), I acknowledge that this is like jumping out of the frying pan into the soup, but ya gotta do what ya gotta do until ya find a better and more trustworthy option.

AskWoody was for me a serendipitous find, and I appreciate the good and friendly advice I have found here. Excelsior!

Reply | Quote

I made a similar decision, Elly, mainly because of the age of my P.C. Since December 2017, I have installed only the I.E. security-only updates when we get to Defcon 3 or higher (whilst keeping all my other programs and AV up to date, of course!). I’m pretty sure I’ll be O.K. until I get my new chromebook for Christmas………………..Got backup, no software issues and and life is so simple……………………..

Reply | Quote

Elly: Thank you for your words. It is beginning to look like I am going to have to do EXACTLY what you have done in rolling back to December 2017. I am a very experienced user and I think I know how to stay clean. And if I do get hit, one of my religiously performed backups will hopefully save me. My only issue is that I have a LOT more than one PC to worry about. A good Backup plan is really the only way for me to stay safe. Also, I think I would rather put my time and money into another quality hardware firewall box. You can find really good ones on ebay for not a lot of money from Companies upgrading or went out of business. It just takes some time to learn how to make it work the way you want it to.

And as far as what to do when Win7 is no longer? I’m leaning more toward one of the excellent Linux Distros. It is absolutely amazing how close Mint has become lately to Windows! And that is both in appearance and functionality. I run Mint on one of my boxes just to stay in touch with it.

How about it Woody! Are you going to extend that “All Platforms” idea to Linux too?

This whole M$ & Intel thing just STINKS!

Gary

 

Too much hardware to itemize, but none of it newer than 4 years ago. Basically, I use or take care of 8 Desktops, 6 Laptops, 3 Tablets, 4 Smart TVs and 6 Cellphones. Most of them connected to my 52TB Media Server currently running Windows Home Server 2011 (soon to be Server 2012 or 2016).

Reply | Quote

I’ve kept up to day (monthly rollups) on several older 7’s and I’m not finding them any wheezier than they were before.  You may want to run defender and install all updates rather than skipping updates and using heavy antivirus.

There are way way too many OTHER security fixes in these to want to skip them.

https://support.microsoft.com/en-us/help/4343899 = has Spectre Meltdown

https://support.microsoft.com/en-us/help/4338823 = has Spectre Meltdown

https://support.microsoft.com/en-us/help/4284867  etc etc  bottom line starting in January and then now going to August, we’ve had Spectre Meltdown updates in them.

At this timing — a much BETTER way to do this it to install the updates and then use the registry keys to disable the protections.

To disable the fix:

 

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f

 

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

Thus you keep the fixes for all the other security issues, and disable the spectre/meltdown stuff.

Susan Bradley Patch Lady/Prudent patcher

3 users thanked author for this post.

phaolo, GDog, satrow

Reply | Quote