Sizes against spectrum and collapse


The world is currently patchrated on many fronts against the discron of known attack options and the collapse, which have been created by an architectural error in the Intel, AMD and Arm CPUs. Microsoft, Mozilla, Google and other producers have already reacted with the first patches. Corresponding test programs are now available. However, some virus scanners cause problems with the patch.

Security gap in almost all CPUs

A security gap in architecture in almost all CPU manufacturers of Intel, AMD and Arm processors allows up to three attack options, which are defined as Spectre 1, Specter 2 and Meltdown. This security gap is currently threatening systems all over the world. Since the security gap cannot be exploited from the outside, the systems in particular are interested, which programs perform. In addition to the classic malice programs, this also includes web browsers who perform active content through JavaScript and HTML 5. For more information on safety gaps, see, for example, in an article CT specialist: «Analysis on the processor gap: Meltdown and Specter are a security supergau».

I notify: A list of which the CPUs are affected by the Specter and Security Meltdown has recently been published. AMD assumes that their CPUs are only susceptible to one of the two spectrum attacks.

Patch von Microsoft

Microsoft has had patches for the various versions of Windows, Internet Explorer and Microsoft Edge since January 3, 2018, which should contain errors in the CPUs under Windows.

Danger:
ATTENTION: Sometimes an obsolete virus scanner can prevent the delivery of the patches, as Microsoft describes in the article KB4072699. You can control it alone in the register below

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionQualityCompat

See if the secondary key there Cadca5fe-87d3-4b96-B7FB-A231484277CC with the reg_dword 0x00000000. Only then is it possible to install the necessary patches. If necessary, it is necessary to create the register of the register by hand.

The Microsoft patch, published for Windows 10 under KB4056892, is not currently not yet implemented on all systems, since problems can occur depending on the configuration. Here only patience helps until Microsoft has knocked on all possible problems with AMD processors, for example.

Microcodice for the necessary CPUs

However, manufacturers’ patches do not solve the real problem found in their respective CPUs, they can only make attacks difficult. Intel has therefore announced that it will soon be available for all older CPUs since 2013. However, these should be through the producers of the main about the customer, so that a «Bios update» is necessary.

Addendum 05.04.2018: Intel patch

In the meantime, Intel has declared that its micro -gray updates have ended up and provided for numerous CPUs, usually new updates for producers compared to 2010. With the exception of new processors such as Skylake, who have experienced a micro -coded update on Windows, the main abolish producers must provide updates in the form of Bios updates.

Other manufacturers also react

Since attacks are also possible via web browser, not only Microsoft has set Internet Explorer and Edge, but Mozilla Firefox also has an update to 57.0.4 and, of course, Adobe Flash an update. Nvidia Patch also his GeForce driver on the 390.65 version with a security update against Specter.

Tipp: Heise collects the safety instructions and updates of hardware and software producers in a constantly updated list. It is therefore advisable to look for updates more often.

Simple exam, both spectrum and collapse still interested

The control of the Meltdown Free Specter CPU from ASHAMPOO CHICKS with a click if the system is vulnerable. To do this, start the software and, after a brief analysis, can see directly if and which safety gaps are available from you.

For analysis, the program uses a Microsoft routine, which was published in KB4073119 and works under PowerShell, but needs some knowledge in the PowerShell for use. The Ashampoo test is a little more elegant here because it is easier to use.

Performance effects

According to experts, patch against spectrum and collapse attacks also have negative performance effects. What is compromise depends on the age of the CPUs and the application area. The Windows Terry Myerson boss has taken on a blog post for the loss of performance due to patches against Specter and Meltdown and comes to the conclusion that the most recent CPUs are almost significantly more slow under Windows 10. However, if you use the older CPUs (for example, Haswell Da Intel series), you should feel the loss of performance. Windows Server is the worst with activities such as database server or web server. A clear debut for performance would feel here.

Effects during the game

Eurogamer, on the other hand, is available in a series of «Digital Foundry-Meltdown and Specter tests: are the patches influence the game performance of your PCs?» To determine that the losses of performance during reproduction are not measured by an unpaid window.

latest posts published

Lokky, the Italian data driven insurtech for professionals and SMEs

Lokky, the Italian data driven insurtech for professionals and SMEs

EconomyUp interviews Paolo Tanfoglio and Sauro Mostarda, Co-founder and CEO of Lokky Awarded as 'Best ...
An ally for cyber security: Load Balancing

An ally for cyber security: Load Balancing

Having a fast, high-performance and reliable website is a non-negligible aspect for those who have ...
Business Trend 2023 for SMEs, professionals and commercial activities

Business Trend 2023 for SMEs, professionals and commercial activities

The main trends of 2023 that you will need to consider in your business Digital ...
Occupational risks for pastry shops

Occupational risks for pastry shops

The pastry chef's activity involves the production of confectionery products, from the preparation of the ...
How to read a pay slip

How to read a pay slip

In collaboration with our partner F2Dwe decided to delve deeper into the elements that make ...
What are the most common cyber risks and how to protect yourself

What are the most common cyber risks and how to protect yourself

“Houston, we have a problem."Who doesn't know the words of Jack Swigert, pilot of the ...
Clinical Risk: What it is and What are the consequences

Clinical Risk: What it is and What are the consequences

In recent years, the responsibility of healthcare facilities has increased significantly and with this also ...
Commercial activities most affected by theft

Commercial activities most affected by theft

Theft, shoplifting and armed robberies are a plague for Italian traders. In Europe, Italy is ...
October is European Cyber ​​Security Month

October is European Cyber ​​Security Month

October is the European month dedicated to cybersecurity, a good opportunity to acquire new awareness ...
Estimating cyber risk: importance and difficulties encountered

Estimating cyber risk: importance and difficulties encountered

The biggest challenge regarding cyber security is to estimate cyber risk in a credible, sustainable ...

Leave a Reply

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *