New Tool Detects If Your PC Is Vulnerable To Meltdown And Spectre

I guess if patched I'm gonna get a performance hit.
leWjEBK.jpg


Could someone please explain in laymen terms how the attack is hit on the machine, what the attack does and how to prevent it from happening by taking security measures without patching???

Meltdown requires a kernel patch and Specter a firmware update, that's the only way to mitigate these issues currently. I know a lot of folks are concerned about the performance hit but for typical desktop use, web browsing, gaming, productivity apps, etc. I don't think 95% would notice any difference without looking at benchmarks. My Surface Book 2 got the firmware update last week along with the Windows 10 update and in use during the last week, web browsing, gaming, productivity apps, etc. there's simply been no performance hit that has been remotely noticeable.

These are such low level issues impacting so many thing that unless someone has a VERY good and quantifiable reason I think avoiding patching these issues isn't worth it.
 
Meltdown requires a kernel patch and Specter a firmware update, that's the only way to mitigate these issues currently. I know a lot of folks are concerned about the performance hit for typical desktop use, web browsing, gaming, productivity apps, etc. I don't think 95% would notice any difference without looking at benchmarks. My Surface Book 2 got the firmware update last week along with the Windows 10 update and in use during the last week, web browsing, gaming, productivity apps, etc. there's simply been no performance hit that has been remotely noticeable.

These are such low level issues impacting so many thing that unless someone has a VERY good and quantifiable reason I think avoiding patching these issues isn't worth it.
So one more ? if you dont mind.

If I install MS patch, can it be uninstalled?
I will take an OS image backup prior.
 
So one more ? if you dont mind.

If I install MS patch, can it be uninstalled?
I will take an OS image backup prior.

With an OS backup you should be good and you should be able to reinstall an older firmware version with modern firmware tools.
 
With an OS backup you should be good and you should be able to reinstall an older firmware version with modern firmware tools.

Ok, I have checked for updates on win7 x64 and updated, I didn't see anything for the flaws and also I am still vulnerable.

Where can I get the OS update for now?
 
Meltdown requires a kernel patch and Specter a firmware update, that's the only way to mitigate these issues currently. I know a lot of folks are concerned about the performance hit but for typical desktop use, web browsing, gaming, productivity apps, etc. I don't think 95% would notice any difference without looking at benchmarks. My Surface Book 2 got the firmware update last week along with the Windows 10 update and in use during the last week, web browsing, gaming, productivity apps, etc. there's simply been no performance hit that has been remotely noticeable.

These are such low level issues impacting so many thing that unless someone has a VERY good and quantifiable reason I think avoiding patching these issues isn't worth it.

I think he was asking how he can avoid an attack without patching? i.e. Are attacks that target this issue your typical, spread by email, etc?
 
And what about Mac and Linux users? Or mobile users? Tools like this really shouldn't be limited to just one platform...
 
Ok, I have checked for updates on win7 x64 and updated, I didn't see anything for the flaws and also I am still vulnerable.

Where can I get the OS update for now?

I think this is the Windows 7 patch: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056894.

I think he was asking how he can avoid an attack without patching? i.e. Are attacks that target this issue your typical, spread by email, etc?

Without patching you'd have to avoid any potential attack through anti-malware or other security layers. Again, this is such a low level issue that I don't see the wisdom in avoiding the updates without very good cause because it's only a matter of time before this gets weaponized, particularly Meltdown. And what could make this worse is that typical desktop users are probably overly concerned with the performance impact and avoiding the updates.
 
leWjEBK.jpg

Without patching.
YciJ8SI.jpg


HeOE7Mq.jpg

With patching.
6zVlqXo.jpg


And no I didn't get the screenshots reversed. Second benchmark is the second intelburntest screenshot.

So now, just gotta wait for a UEFI patch for spectre?
 
http://forum.notebookreview.com/threads/how-to-update-microcode-from-windows.787152/

http://forum.notebookreview.com/threads/ucode-fix-for-spectre-ht-bug-fix-and-meltdown.806451/

For anyone who needs to update microcode via windows for spectre / is waiting for a new bios / doesn't want to update microcode in bios manually. The amd microcode download was dead at the time I tried, so I pulled it from the debian repo.

Thanks for the helpful post ziddey!

The manual microcode update procedure from the notebookreview thread worked on my MSI Z97/4690K Windows 10 system (which will likely never get a BIOS update for this).

.
 


Vulnerable, I have not installed updated BIOS or any kernel patches.


$ sudo ./spectre-meltdown-checker.sh
Spectre and Meltdown mitigation detection tool v0.31

Checking for vulnerabilities against running kernel Linux 4.11.12-041112-generic #201707210350 SMP Fri Jul 21 07:53:15 UTC 2017 x86_64
CPU is Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel: NO
> STATUS: VULNERABLE (only 31 opcodes found, should be >= 70, heuristic to be improved when official patches become available)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
* Hardware (CPU microcode) support for mitigation
* The SPEC_CTRL MSR is available: NO
* The SPEC_CTRL CPUID feature bit is set: NO
* Kernel support for IBRS: NO
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* Mitigation 2
* Kernel compiled with retpoline option: NO
* Kernel compiled with a retpoline-aware compiler: NO
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI): NO
* PTI enabled and active: NO
* Checking if we're running under Xen PV (64 bits): NO
> STATUS: VULNERABLE (PTI is needed to mitigate the vulnerability)

A false sense of security is worse than no security at all, see --disclaimer
 
... and my AMD laptop, completely un-patched as well:

$ sudo ./spectre-meltdown-checker.sh
Spectre and Meltdown mitigation detection tool v0.31

Checking for vulnerabilities against running kernel Linux 3.19.0-32-generic #37~14.04.1-Ubuntu SMP Thu Oct 22 09:41:40 UTC 2015 x86_64
CPU is AMD A8-4500M APU with Radeon(tm) HD Graphics

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel: NO
> STATUS: VULNERABLE (only 31 opcodes found, should be >= 70, heuristic to be improved when official patches become available)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
* Hardware (CPU microcode) support for mitigation
* The SPEC_CTRL MSR is available: NO
* The SPEC_CTRL CPUID feature bit is set: NO
* Kernel support for IBRS: NO
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* Mitigation 2
* Kernel compiled with retpoline option: NO
* Kernel compiled with a retpoline-aware compiler: NO
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI): NO
* PTI enabled and active: NO
* Checking if we're running under Xen PV (64 bits): NO
> STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable)

A false sense of security is worse than no security at all, see --disclaimer
 
I have a patched kernel for my vms, vm server, an ddesktop so Variant 3 I'm patched. Waiting on Variant 1/2 to be fixed....
 
2018-01-19 20_42_32-InSpectre_ Check Spectre and Meltdown Prevention.png


This is a lie, my performanse should be poor as I have an AM1 5350 :dissapoint:
 
Back
Top