exile360

FINALLY updated my CPU Microcode (no thanks to MS or my notebook vendor)


WARNING!: The following post is for INFORMATIONAL PURPOSES ONLY!  I do NOT advise that anyone use this as any kind of tutorial or guide unless they are absolutely certain that they know what they are doing, are prepared to potentially break, hose, crash/BSOD their system, potentially resulting in the loss of data or other system damage/malfunction.  I take no responsibility for anyone who chooses to attempt this and ends up damaging and/or crashing their system or wiping any/all data from their OS or anything else that might potentially go wrong in the course of attempting these actions.

So, with that scary disclaimer out of the way, here is a story about persistence in the face of planned obsolescence.

I'm still using Windows 7 (with no plans to upgrade to any newer version of Windows any time soon and it seems I'm not alone) but I'm running fairly modern hardware (an Intel i7-7700K (Kaby Lake) based system).  Unfortunately this means that, at least currently, Microsoft doesn't support any of the CPU microcode updates for my system to secure it against any of the recently exposed vulnerabilities that have been making headlines lately (the now infamous Spectre and Meltdown vulnerabilities; additional info here) because a) I'm not running the only OS they seem to care too much about right now, the glorious Windows 10, and b) because I'm using a modern CPU, which according to MS is not an officially supported combination (even though the two work quite well together, as does my new Samsung 960 PRO NVME SSD and all the other new/modern parts I chose to use in my laptop).

This means I had to use a sort of "hack" in order to be able to download/install updates through Windows Update (done ;) ), and that I had to either hope that the OEM who built my laptop would publish a microcode update for my BIOS (unlikely given their smaller size and specialized clientele), or that MS would have a change of heart and push out a version of Intel's microcode update for my CPU to Windows 7 users (not frickin' likely given how adamant they are about this whole "DOWNGRADE UPGRADE TO WINDOWS 10 NAAAAAAOOOOOWWWW!!!!!" kick they seem to be on these days).

So, I sought alternatives.  I knew (thanks to the fact that MS is doing so for Windows 10, with Intel's assistance) that it was possible to patch my CPU microcode via a driver within the operating system in order to apply some of the mitigations without having to locate a patched BIOS for my motherboard, I just had to find a way to do so in Windows 7.  I'd all but given up hope when I just happened to be doing some searching/reading (this thing we old folks call "research" :P) on the subject to see if there were any new developments on the Kaby Lake/Windows 7 CPU microcode front, and lo and behold, a glimmer of hope.  I read the thread thoroughly several times and learned that, not only had Intel actually published their latest CPU microcode for my chip on their website (for Linux, but thankfully it's universal), but someone actually made a tool to use that same microcode to patch CPUs running Windows via their own custom driver that even reports the microcode's status/functionality (or not) to Event Viewer so that I can monitor it (though I also followed the advice in the thread to verify it myself using a tool fit for that purpose).

So after all of this, I can now confirm that I'm running Intel's CPU microcode version 84 which, as of this writing, is the latest version available from Intel for my particular chip :) !:

[Image: 84.png]

So there you have it.  An outdated awesome OS with an exclusive Intel patch.

I'm happy :), especially with this, my Windows Updates, and my best-in-class exploit protection thanks to Malwarebytes 3 which helps to fend off other pesky, as of yet unpatched (and even unknown) vulnerabilities.

Life is good.


Great read!

Question - How does GRC's InSpectre tool show on your system now that you have patched it?  And, assuming this is easily reversible, how does it show without the patch?


Previously it showed that I was protected from Meltdown but not Spectre, now it shows that I am protected from both (though at a higher performance cost because MS has not provided a patch for my older OS to enable the performance impact mitigating capabilities in my modern CPU as they've currently only provided that patch for Windows 10; thanks Microsoft...NOT!).

So yeah, I'm fully shielded now, and so far at least things seem OK with regards to performance.


Good deal.

I'm trying to find a way to modify my Phoenix BIOS with the microcode, as my motherboard and CPU are woefully out of date, and I'm not likely to receive updates from either eVGA for the BIOS nor Microsoft for the CPU microcode.  I've found instructions for AMI BIOS and UEFI, but nothing for my ancient Phoenix BIOS.

Good reading throughout your post, there.  I might try to force my own patch for my CPU to help offset some of the issues - I'm patched for Spectre but not Meltdown at all.


Yes, thankfully it can be patched either through an update to the BIOS (the optimal solution) or through a driver within the OS (the path I was forced down as well you may be) which isn't as efficient, but should be just as effective with regards to security.  Theoretically, if MS would push a patch for 7 it wouldn't even matter though, because that would force the OS to utilize the performance optimizations built into my newer chip to offset the vast majority of lost performance but I doubt they'll be doing so any time soon if at all since they'd much rather force everyone they can onto Windows 10 in every way possible now that they are in the business of offering the OS as a service rather than a license and are so invested in leveraging spyware, which 10 has much more of than 7 (and what 7 has I have crippled via various means).

You can give the method I used a try if you're brave enough.  I'm certain that with your skill level you'll have no issues with it, just be sure to read the instructions carefully and you should be OK.


Kay'....time to break your bubble as I did to others and please stop spreading "fake news" (pun intended) about vmware tools being able to help with Spectre fix

First, I would like to inform you that VMware CPU Microcode Update Driver does not work and you are TOTALLY not shielded

Please do not trust InSpectre result.

Do make use of Get-SpeculationControlSettings provided by Microsoft

If you use VMware tools, InSpectre will report your system is protected from Spectre, however IT IS NOT.

You don't believe me? Fine, run Get-SpeculationControlSettings and you will see:

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is enabled: False

Notice the bottom two lines. The mitigation is not enabled by the Windows 7 kernel at all.

Why? Recall the booting procedure:

BIOS/UEFI ---> Boot loader phase ---> Kernel ---> Session Manager ---> Driver ---> Application

The VMware microcode loader driver is loaded way too late for the Windows kernel to detect the IBRS and IBPB command MSRs (these two are only available from Intel's latest microcode).

The correct result and properly "shielded" system would be:

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: True

*I specifically registered on this site to inform you on this issue. A lot of newbies think the VMware CPU Microcode Update Driver will do the trick by using the latest Intel microcode, but the fact --> it does not*

Which is why you didn't notice any performance regression....... ~.~

Sorry for breaking your hope.


I tried the command you suggested in both CMD as well as Powershell and it wasn't recognized as a functional command in either one.

Also, what about the MS patch for Windows 10 for the microcode recently released (referring to this)?  Since MS obviously can't patch anyone's BIOS with a Windows update (especially since they don't have any means of patching all the different manufacturer's BIOS for every system the patch is being offered to), how does this update work then?  Is it not just patching the microcode and how it is utilized by the OS in the same way that this driver supposedly is?

I'm not saying you're wrong about the VMWare driver not working, but I do believe you are wrong about the hard requirement for a BIOS update in order for the microcode to be updated/patched, otherwise that MS update wouldn't exist.


I know the operating system can load microcode just fine. However, for the KB4090007 case (Windows 10 and Skylake to Coffee generation only), the Microsoft bootloader loads its own microcode from Intel at the bootloader stage, at which the new MSRs are detectable by the kernel. Then the kernel will be able to activate the mitigation. As you mentioned, it is unlikely for Microsoft to do so for Win7 or an old CPU.

I never said anything about a hard requirement for a BIOS update.......:o I am saying that VMware loads the microcode too late in the booting stage for the Windows kernel to detect those MSRs and activate the mitigation.

So, for Get-SpeculationControlSettings, you need to install the latest PowerShell from Microsoft.

https://docs.microsoft.com/en-us/powershell/

https://github.com/PowerShell/PowerShell/releases

Don't forget to install the PowerShell prerequisites too ----> Windows Management Framework 5.0 (Google it?)

After the PowerShell installation is done, open PowerShell with admin privilege:

Install-Module SpeculationControl

Set-ExecutionPolicy Bypass

Get-SpeculationControlSettings

Thus, you will be able to see the status of the Windows kernel mitigation for Spectre and Meltdown.

Don't forget to set the ExecutionPolicy to Restricted after you are done checking.

Set-ExecutionPolicy Restricted

Source: https://support.microsoft.com/en-my/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell

Edited by Digitama
Adding source and some grammar correction

4 hours ago, Digitama said:

Hardware support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is present: True (Corrected, I typed quickly without re-reading)

Windows OS support for branch target injection mitigation is enabled: False

Hmm? Oops... :P Just noticed my minor mistake on the VMware method about the Get-SpeculationControlSettings report.  You should get the report status above with the VMware method, indicating the kernel mitigation isn't enabled even though "Hardware support for branch target injection mitigation is present" is shown as True.

Check for "Windows OS support for branch target injection mitigation is enabled" status.

Don't trust InSpectre result. It is unreliable. Trust only Microsoft's SpeculationControl. ;)

 

edit: The performance regression with microcode enabled.......:(

Edited by Digitama
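
The check described in the posts above, as an added PowerShell example (not from any post in this thread and not Microsoft's code): it classifies the branch target injection fields so that "hardware present, not enabled" is not read as protected. `Get-BtiVerdict`, `New-SampleSettings` and the sample objects are hypothetical and constructed; the `BTI*` property names are the ones Microsoft documents for the object returned by `Get-SpeculationControlSettings`.

```powershell
# Added example. Run in Windows PowerShell (powershell.exe): the
# SpeculationControl module calls Get-WmiObject, which PowerShell 6 lacks.

function Get-BtiVerdict {
    # Classify the CVE-2017-5715 fields of a Get-SpeculationControlSettings
    # result. Only "enabled" means the kernel is actually using IBRS/IBPB.
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [psobject]$Settings
    )
    process {
        if ($Settings.BTIWindowsSupportEnabled) {
            return 'ENABLED: the kernel is using the mitigation'
        }
        if (-not $Settings.BTIHardwarePresent) {
            return 'NOT ENABLED: no microcode support visible to Windows'
        }
        if (-not $Settings.BTIWindowsSupportPresent) {
            return 'NOT ENABLED: microcode present, OS update missing'
        }
        if ($Settings.BTIDisabledBySystemPolicy) {
            return 'NOT ENABLED: turned off by system policy'
        }
        # Hardware True, OS support True, enabled False, no policy reason:
        # the state reported in this thread for driver-loaded microcode.
        return 'NOT ENABLED: support present, but the kernel did not switch it on'
    }
}

function New-SampleSettings {
    # Build a constructed object with the same property names as the real one.
    param(
        [bool]$Hardware,
        [bool]$OsPresent,
        [bool]$OsEnabled,
        [bool]$ByPolicy = $false
    )
    [pscustomobject]@{
        BTIHardwarePresent             = $Hardware
        BTIWindowsSupportPresent       = $OsPresent
        BTIWindowsSupportEnabled       = $OsEnabled
        BTIDisabledBySystemPolicy      = $ByPolicy
        BTIDisabledByNoHardwareSupport = ($OsPresent -and -not $Hardware)
    }
}

# Constructed samples, not captured from a real machine.
$samples = [ordered]@{
    'driver-loaded microcode (True/True/False)' = New-SampleSettings $true  $true $false
    'fully mitigated (True/True/True)'          = New-SampleSettings $true  $true $true
    'OS patched, no microcode'                  = New-SampleSettings $false $true $false
    'disabled by policy'                        = New-SampleSettings $true  $true $false $true
}
foreach ($name in $samples.Keys) {
    '{0,-45} {1}' -f $name, ($samples[$name] | Get-BtiVerdict)
}

# Live check, only if the module is installed.
if (Get-Module -ListAvailable -Name SpeculationControl) {
    # Process scope: the relaxed policy ends with this session, so no
    # machine-wide setting has to be restored afterwards.
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned -Force
    Import-Module SpeculationControl
    $live = Get-SpeculationControlSettings
    $live | Get-BtiVerdict
    # PowerShell does not expand cmd.exe's %userprofile%; use $env:USERPROFILE.
    $live | Format-List | Out-File (Join-Path $env:USERPROFILE 'Desktop\mitlog.txt')
}
```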


OK, I finally got everything related to Powershell updated and running.  Here's the output from the command you suggested:

PowerShell v6.1.0-preview.1
Copyright (c) Microsoft Corporation. All rights reserved.

https://aka.ms/pscore6-docs
Type 'help' to get help.

PS C:\Program Files\PowerShell\6.1.0-preview.1> Install-Module SpeculationControl

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from 'PSGallery'?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"):y
PS C:\Program Files\PowerShell\6.1.0-preview.1> Set-ExecutionPolicy Bypass
PS C:\Program Files\PowerShell\6.1.0-preview.1> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]
For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: False

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: False [not required for security]
Get-WmiObject : The term 'Get-WmiObject' is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\Program Files\PowerShell\Modules\SpeculationControl\1.0.6\SpeculationControl.psm1:243 char:19
+             $os = Get-WmiObject Win32_OperatingSystem
+                   ~~~~~~~~~~~~~
+ CategoryInfo          : ObjectNotFound: (Get-WmiObject:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Program Files\PowerShell\6.1.0-preview.1> Get-SpeculationControlSettings>"%userprofile%\desktop\mitlog.txt"
Get-SpeculationControlSettings>%userprofile%\desktop\mitlog.txt : The module 'Get-SpeculationControlSettings>%userprofile%' could not be loaded. For more information, run 'Import-Module Get-SpeculationControlSettings>%userprofile%'.
At line:1 char:1
+ Get-SpeculationControlSettings>"%userprofile%\desktop\mitlog.txt"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : ObjectNotFound: (Get-Speculation...ktop\mitlog.txt:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CouldNotAutoLoadModule

PS C:\Program Files\PowerShell\6.1.0-preview.1> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]
For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: False

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: False [not required for security]
Get-WmiObject : The term 'Get-WmiObject' is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\Program Files\PowerShell\Modules\SpeculationControl\1.0.6\SpeculationControl.psm1:243 char:19
+             $os = Get-WmiObject Win32_OperatingSystem
+                   ~~~~~~~~~~~~~
+ CategoryInfo          : ObjectNotFound: (Get-WmiObject:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Program Files\PowerShell\6.1.0-preview.1>

So is there any advantage to installing the microcode via the VMWare driver?  Also, as I am running Windows 7 with a Kaby Lake CPU (an unsupported configuration by Microsoft), shouldn't pretty much all of the mitigations show as "FALSE" since it hasn't offered me any of the relevant patches for my particular OS/hardware?

1 hour ago, exile360 said:

Speculation control settings for CVE-2017-5715 [branch target injection]

For more information about the output below, please refer to https://www.microsoft.com/en-in/help/4074629

Hardware support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is enabled: False

Windows OS support for branch target injection mitigation is disabled by system policy: False

Windows OS support for branch target injection mitigation is disabled by absence of hardware support: False

 

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True

Windows OS support for kernel VA shadow is present: True

Windows OS support for kernel VA shadow is enabled: True

Windows OS support for PCID performance optimization is enabled: False [not required for security]

There is no advantage to installing microcode via the VMware driver, unless you run a virtual machine....then the OS within the virtual machine will get protected from Spectre.

Let's start with Meltdown CVE-2017-5754. This one doesn't require a microcode update; it is a purely software-based fix with PCID/INVPCID accelerated optimization to minimize the slowdown from the fix. More info on how the Microsoft Meltdown fix works over here: https://blogs.technet.microsoft.com/srd/2018/03/23/kva-shadow-mitigating-meltdown-on-windows/ This is why "Windows OS support for kernel VA shadow is enabled" is shown as True. The bad news: there is no PCID optimization enabled for Win7 even though your CPU supports PCID/INVPCID. The optimization is only enabled on Windows 10 if the CPU supports PCID/INVPCID.

Now, for the Spectre CVE-2017-5715 part, your Windows 7 kernel is vulnerable to Spectre because the Windows kernel is not able to detect the existence of IBRS, IBPB and STIBP (the proper microcode is not loaded before kernel initialization = the VMware microcode loader loads the microcode too late in the booting stage) and thus the kernel is not set up to use these MSRs to protect your system against Spectre, as I highlighted in red.

IBRS, IBPB and STIBP documentation can be found over here: https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf


Oh, brave enough I am, but my problem is not the methodology, my problem is that since the CPU I use has not been officially updated by Microsoft (and technically, Intel) my machine will take a pretty hefty performance hit because Microsoft is also not patching against the performance hits on CPUs it is not patching in Windows, IIRC.  I'll have to look more carefully.

Also, I have the original ones that Intel released, then pulled, and I decided to wait until I started seeing reports of others with my family of processors having successfully patched before moving on.

If I am lucky, I will get with an eVGA rep and see if I can get source for the BIOS and build it into the BIOS myself (but I doubt it - they are the ones who said they are waiting for the source from Intel to begin with....)

Edited by John L. Galt


Argh, yeah, I hear you @John L. Galt.  I'm in the same boat with Eurocom.  I got my current laptop right at the EoL for this particular model and I doubt they have any plans to offer a patched BIOS any time soon (if at all).

@Digitama and John, if you know as well; do either of you guys know exactly how these vulnerabilities are exploited?  What I mean is, based on the information available so far, can these vulnerabilities be leveraged to infect a system/execute malicious code through pretty much any process?  So for example, is this the type of vulnerability that leaves a system open to attack through a malvertisement or other remote browser based exploit, or is this the type of vulnerability where the user must execute a malicious payload of some kind such as a malicious executable and/or maliciously crafted MS Office and/or PDF document?  Basically I'm wondering about the scope of these vulnerabilities and just how useful they are known to be at this point and whether it is even feasible for an attacker to leverage them to infect a system easily remotely in an automated fashion or if this is the type of vulnerability which requires direct and/or domain level access to an endpoint and/or network because if it is the latter, then the level of risk for many, myself included, is significantly reduced since no one touches my system but me.

I am also wondering if these are the kinds of vulnerabilities which might somehow be mitigated through the use of some third party protection, similar to the way that Malwarebytes generically thwarts buffer overflow attacks against processes and modules in memory to prevent those kinds of exploits or if, due to the nature of these vulnerabilities, the only way to secure a system is through these patches from Intel and Microsoft?

Any insight either of you might offer would be helpful.  I think there are a lot of questions which aren't easily answered here, at least based on what I've personally read so far, so any light either of you can shed on the subject could prove beneficial for anyone reading through this thread.


I've done a couple of write ups on it, both here and at other forums.

In that thread I did a small write up (post #6) on the vulnerability as well as linking directly to the research PDFs on both vulnerabilities, as well as another PDF that explains it a bit more in layman's terms (but it is still technically heavy stuff).

The basic idea here is that the vulnerabilities themselves are usable only locally, the data (dump) that is obtained would then have to be sifted through to find relevant items that could be exploited (passwords, etc).  Not only would an end user have to execute some sort of payload (the data has to be loaded into memory, then abandoned, and finally surreptitiously accessed and collected, or dumped) and then that data would also have to be transported to a location where someone with malicious intent would be able to sift through it.  For most people that would mean additional malware (or, at the very least, seemingly innocuous connectivity software that was, in fact, sending your data somewhere you don't want it sent, or worst case scenario, piggybacking on legitimate connections to legitimate sites (that might have been surreptitiously compromised in other ways to allow malicious people to gain access to incoming packets).  The easiest would be, of course, if the data thief had direct access to your system and the ability to start running programs that would load sensitive / privileged info into the buffers - which means he pretty much has enough access to already do a lot of harm to your system.

Take all of this with a grain of salt, though - I'm on the outside looking in, and am not any sort of actual vulnerability researcher - I just gather the facts and interpret them as best as I can.  So, I may be off base, in that there may be ways that this can be exploited relatively easily, especially with legitimate tools / software (I'm guessing this is so, but I have no idea, really).

Edited by John L. Galt


@exile360 , it is as John L. Galt said.

So far, Spectre can only be used for reading data on the targeted machine. No writing "yet".

The payload delivery method = JavaScript on an unpatched web browser. The Spectre exploit "used" to work on web browsers through simple JavaScript execution. You just have to visit a booby-trapped site and somehow linger around the site for a long time...... (I mean there are web operators abusing tiny-sized pop-under ads :angry: that appear hidden way behind the main browser window instead of appearing in front of it.) The big three web browsers (Edge, Chrome, Firefox) mitigate it by disabling SharedArrayBuffer, reducing the resolution of the performance.now timer and adding some timing jitter (Firefox nightly Bug 1448869). However, a few reports indicated these mitigations are useless because one can construct a high-precision timer through HTML5 Web Workers.

Unfortunately, a lot of companies never update their web browsers :rolleyes:.......so, between traditional phishing or "high-tech" phishing with NSA Spectre payload style.....which one do you prefer? Connectivity issue? Firewalls normally let web browser traffic through.....

EDIT: By the way, Intel just cancelled the microcode update for 45nm Core 2, Bloomfield and Clarkfield. Old system be damned.

EDIT2: If you read the Linux kernel commit comments, the Google Retpoline method alone won't protect Skylake against Spectre. A microcode update is required. https://lkml.org/lkml/2018/1/4/432

Edited by Digitama

Share this post


Link to post
Share on other sites
4 hours ago, Digitama said:

@exile360 , it is as John L. Galt said.

So far, Spectre can only be used for reading data on targeted machine. No writing "yet".

The payload delivery method = JavaScript on an unpatched web browser. Spectre exploit "used" to work on web browsers through simple JavaScript execution. You just have to visit a booby-trapped site and somehow linger around the site for a long time...... (I mean there are web operators abusing tiny-sized pop-under ads :angry: that appear hidden way behind the main browser window instead of appearing in front of it.) The big three web browsers (Edge, Chrome, Firefox) mitigate it by disabling SharedArrayBuffer, reducing the resolution of the performance.now timer and adding some timing jitter (Firefox nightly Bug 1448869). However, a few reports indicated these mitigations are useless because one can construct a high-precision timer through HTML5 Web Workers.

Unfortunately, a lot of companies never update their web browsers :rolleyes:.......so, between traditional phishing or "high-tech" phishing with NSA Spectre payload style.....which one do you prefer? Connectivity issue? Firewalls normally let web browser traffic through.....

 

EDIT: By the way, Intel just cancelled the microcode update for 45nm Core 2, Bloomfield and Clarkfield. Old systems be damned.

EDIT2: If you read the Linux kernel commit comments, the Google Retpoline method alone won't protect Skylake against Spectre. A microcode update is required. https://lkml.org/lkml/2018/1/4/432

Yeah, they keep throwing Bloomfield under the bus.  Repeatedly.  Which is more the misery for me as that is what I am currently running.


Thanks guys, at least there's some good news here.  It sounds like attacks against individual endpoints are pretty unlikely, at least so far, so users such as myself have a lot less to worry about.

Now, as far as financial systems, game servers, cloud services and all the other online data/credentials etc. etc. and their risks, based on what I know of many of those industries and their security and patching policies, these new threats are actually the least of our worries.  I mean when was the last time you saw an ATM or POS system that wasn't running XP (or older)?  These organizations very seldom patch, very seldom keep up with new operating systems or hardware and I truly believe are victims of MAJOR data breaches and leaks far more frequently than we ever hear about on the news and that if people knew just how bad things really were, it would make the Y2K scare look like well, the non-event that it pretty much turned out to be.  It's nasty out there and these major industries that form the majority of our financial and infrastructural framework that controls far more of our everyday lives than many would be comfortable knowing are woefully ill-prepared for it and few are taking any action to secure it.  Between the organized criminal organizations and state sponsored attackers, there is little chance that far too much of our personal information and access to critical systems doesn't make it into the wrong hands, and unfortunately between Microsoft (and others) getting into bed with the NSA and exposing more customer information than ever through telemetric data collection (read SPYWARE), the concepts of privacy and security are pretty much things of the past and there are far easier ways for the bad guys to gain access to these systems, servers and networks than developing new methods based on these POCs, at least that's my opinion based on what I know of the situation.


As opposed to the disorganized criminal organizations?  :P

Seriously, though, yeah, the state of the digital space we call the Internet is pretty Orwellian from any standpoint - all in the name of 'safety'.  Or profit.

3 hours ago, John L. Galt said:

As opposed to the disorganized criminal organizations?  :P

Seriously, though, yeah, the state of the digital space we call the Internet is pretty Orwellian from any standpoint - all in the name of 'safety'.  Or profit.

Yep, disorganized criminal organizations.  What, you haven't heard of the criminal groups that keep their rooms messy, don't sort their files in alphabetical order and fail to form labor unions :P?  Hehe, only kidding, there's no way they'd ever do without their precious dental plans :D.

Yeah, it's pretty rough, especially now since all the stuff that was exposed with PRISM and all that, not to mention "big data" which is no more than spyware on a mass scale, considered "legitimate" and "acceptable" only because it started with organizations like Google and the other search providers and was adopted by MS (and now pretty much every other major and minor software company).  I get that they want to make their products better for their customers, but come on, when is enough too much?  It's getting to the point where, based on all the data they've gathered, they can accurately profile and predict things about us that even our closest friends and relatives don't know and that we've never revealed on the web just based on extrapolation of data and patterns common to others who share the same "profile"/habits etc.  It's way too much power, both from a privacy perspective and from a potential market, political and sociological manipulation perspective, especially if anyone ever does succeed in building a true AI that can collate and make predictions based on the data with regards to possible future trends and how to insert the right information in the mass media and on the web to manipulate future outcomes and streams of consciousness.  I mean it's not like we're all sheep or anything, we are obviously creatures fully capable of independent thought, however trends and popular culture can and have been manipulated in the past, and these things can be used to potentially alter the perspectives and opinions of the masses which could be used to benefit any number of potentially nefarious purposes (besides, even when used for something "positive", manipulation of such nature is still extremely unethical in my opinion with perhaps the only exceptions being the old school 30 minute toy commercials known as 80s and 90s cartoons because hey, who doesn't love action figures and cartoons :P?).

Anyway, I'll keep an eye on this situation, but I'm a lot less concerned about it than I was when I started this journey, so thanks for helping to alleviate my concerns you guys :).


Well, just saw an update that kills it for me.

https://www.zdnet.com/article/intel-we-now-wont-ever-patch-spectre-variant-2-flaw-in-these-chips/

In the Intel PDF, Bloomfield is among the CPUs for which Intel has stopped developing microcode.  I'm on a Bloomfield.  So, I'm completely left out now, as there will be no BIOS update because there is no forthcoming microcode.


Ouch, that sucks.  Oh well, I'm in no better shape really since, even though I have a supported CPU, it's too "modern" for Microsoft to support it officially in Windows 7.  Up until now I'd never heard of such a policy from a software vendor, but there you have it.  My hardware is too modern for their aging OS so they won't support a fix unless I "upgrade" to Windows 10 (which isn't an upgrade at all in my opinion).


Not gonna start the debate on that issue, that is clearly one of those "To each his/her own" topics.  I did enough of that when 7 launched and people staunchly stated that they didn't see 7 as an upgrade over XP lol.

I'm one of the lesser anomalies, older hardware with the modern OS, versus modern hardware with the older OS lol.


Hehe, indeed.  Hey, I was a Vista early adopter (pre-beta, beta, RTM).  When Vista first became available as a tech preview I installed it on my system and never looked back.  I loved the Aero Glass interface and all the new features (yes, including UAC) and to this day I still feel it's one of the best versions of Windows I've ever used.  It took me a really long time to finally move to 7, and I only did so when I bought a new system that shipped with it.  I wasn't a huge fan at first, but it's grown on me and I've gotten used to most of the differences compared to Vista.  It is nice to have some more options when it comes to UAC.  I really wish there was more to compel me to move to 8/8.1/10, but having used them and finding just how tedious doing things can be on those systems, I just can't bring myself to take the plunge on my main rig, especially with all this spyware/telemetry crap that Microsoft has been up to.  They really need to drop that, and soon, otherwise people like me will be switching to Linux.


I had an MSI board running a Northwood P4 that did not like Vista at all.  I had gotten a ẞeta version from a Micro$oft conference I had attended way back then, and I tried it out, then the final, but reverted that machine to XP because Vista ate too many resources versus XP on my limited machine.  But when 7 came out, I even stated this multiple times in the old MB forums, that 7 was what Vista should have been.  I even likened Vista to ME and 7 to XP in terms of usability.  I loved the look and feel of Vista, don't get me wrong, but it was horrible at resource management for my machine.  That same machine ran Windows 7 like a champ, though.

As for WinX, I like that I have gotten rid of all tiles (I hate the tile interface of Win8) and have a start menu that is reminiscent of Windows 7 but with a material style look to it.  In addition, grouping apps via letter allows me to find apps by clicking the actual letter group, which then fades back to the entire alphabet for me to choose from (not that I actually ever  do any of this - Since Win7 I'm addicted to using the search bar for my apps anyway lol).

And as for the telemetry, I have most of that disabled by myself, and the rest I leave on, but since I test Insider Preview builds, I suppose (justify?) it as a necessary means to an end, in that I test all sorts of software on every new build that comes out in the IP fast ring series (and Skip ahead series, when it is active, like now).  Including apps from here :D

See the picture of my start menu: 

[Image: WinX Start menu screenshot]

Once you remove all the tiles, you can shorten the width of it to match only the actual program list width, which I have done above.

I am getting a bit annoyed with the way the new settings panel is seemingly more simplistic than the original items that were in control panel, but since control panel is still usable by me, I don't complain too loudly - I just bypass the settings panel when I need to, either using the God Mode shortcut, or else by calling specific .CPLs directly from the run dialog.

Another annoyance is that on clean builds, it defaults to install a whole bevy of applications I do not use, particularly games (I am a gamer, but I don't play any of the games that WinX installs, and those are always the first things to get uninstalled on a clean install).

As for *nix, I could easily run *nix, as I have done so in the past, even to the point of building it from scratch (which started out as me learning how to compile my own kernel in Fedora Core .. .2?  I think it was, and moving on to learning how to compile more and more apps, until I finally built a Gentoo box and compiled everything on my own).  The main reason I don't is that I support too many clients that actually run Windows 7/8/10, and using it keeps it familiar to me.  A secondary reason, though not as applicable as it used to be, is that I do all of my gaming on PC (no consoles even owned) and back in the day I could not play any of these games on *nix without some serious work using Wine when it first came out.  Nowadays, though, it seems  to be a lot easier to do, particularly with Origin, which is my original and still favorite gaming platform, and which doesn't have a Linux client (but there are instructions out there to get it working pretty easily).


Ha, you had a Northwood, my very first PC was a 2.4GHz Northwood 850E chipset based Alienware rig with 512MB (eventually upgraded to 1GB [256x4 modules]) of PC800 RDRAM with a Sapphire ATI Atlantis 9000 Pro (eventually upgraded to a stock ATI 9800 Pro) plus like 4 IDE HDDs, 2 DVD drives (one RW, one R only), tons of goodies like TV tuner cards etc.  I used that rig for everything from gaming (Quake III Arena, UT2K4 etc.) to a DVR and everything in between.  I loved it.  Eventually I upgraded to a Gateway with a Pentium D 830 and maxed it out at 4GB of RAM and that was the system I put Vista on.  A dated rig to be certain, but thanks to the fact that it had a decent GPU (I upgraded the PSU and installed an ATI Radeon HD4870 in my mainboard's empty PCIe slot) and over 2GB of RAM, Vista ran pretty much like a dream.  Vista was never really slow for me at all, but that's likely because I was past that infamous 3GB threshold that it had a tendency of loving to eat with SuperFetch and whatnot (a deeply misunderstood feature in my opinion, and something I'd still miss if I didn't have an SSD at this point in Windows 7).  I ate up features like Media Center (which I'd fallen in love with on my Gateway rig since that was the version of XP it shipped with, along with the excellent Hauppauge WinTV PVR 150MCE and my ATI TV Wonder 650 that I migrated over, enabling me to plug in 2 cables and record 2 separate shows at once) and the Aero Glass shell which seemed to come alive when run on a rig with a decent graphics card (an unfortunate limitation XP could never get past; after a certain point Explorer on XP is as fast as it's gonna get no matter what hardware you throw at it, while Vista seemed to have no such "ceiling").

Now I have my lappy and I'm still quite happy :) .  It's an i7-7700k desktop CPU clocked at 4.4GHz with 16GB of Corsair Vengeance DDR4-2666, an NVIDIA GTX 1060 6GB desktop GPU (yes, in a notebook ;) ) with a 15.6" screen running at 1920x1080 native res and a Samsung 960 PRO 1TB M2 NVMe SSD running Windows 7 Pro x64 SP1 (fully patched, of course) and most of the time it pretty much screams (but it's also really good at staying cool, unlike some past laptops I've owned of similar, though somewhat lesser specs).  I'll probably upgrade the RAM since it currently only has a single 16GB stick installed, but I honestly haven't seen the need yet as I seldom go above 30%~50% RAM usage at any given time no matter what I'm doing or how much I might be multitasking.
