Vulnerability in CPU Microcode Could Allow Information Disclosure
Results 1 to 10 of 10

Thread: Vulnerability in CPU Microcode Could Allow Information Disclosure

  1. #1
    Join Date
    Jan 2003
    Location
    US
    Posts
    5,634

    Vulnerability in CPU Microcode Could Allow Information Disclosure

    Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including Intel, AMD, and ARM. Note: this issue will affect other systems such as Android, Chrome, iOS, MacOS, so we advise customers to seek out guidance from those vendors.

    Microsoft has not received any information to indicate that these vulnerabilities have been used to attack customers at this time.

    For more details, please see
    https://portal.msrc.microsoft.com/en...sory/ADV180002
    Eric

  2. #2
    Join Date
    Feb 2000
    Location
    Idaho Falls, Idaho, USA
    Posts
    18,063

  3. #3
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    25,428
    you won’t get any patches installed unless and until your antivirus software sets a specific registry key. If you’re running third party antivirus, it has to be updated before the Meltdown patch installer will run. It looks like there are known problems with bluescreens for some AV products.
    https://www.askwoody.com/2018/ms-def...aded-your-way/

    Read the whole article esp if you are running Windows servers.

    Note that the Windows Server patches are NOT enabled by default. Those of you who want to turn on Meltdown protection have to change the registry.
    More from MS: https://support.microsoft.com/en-us/...dates-released

    VirtualDr email notices are not working.
    Check back regularly for responses.

    _____________________
    cat lovers click here

  4. #4
    Join Date
    Jan 2003
    Location
    US
    Posts
    5,634
    Google has some info and list of affected products here.

    https://security.googleblog.com/2018...-you-need.html
    Eric

  5. #5
    Join Date
    Feb 2000
    Location
    Idaho Falls, Idaho, USA
    Posts
    18,063

  6. #6
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    25,428
    Live list of updated or soon to be updated a/v's that allow the patch(es)..


    https://docs.google.com/spreadsheets...sle=true#gid=0

    VirtualDr email notices are not working.
    Check back regularly for responses.

    _____________________
    cat lovers click here

  7. #7
    Join Date
    Jan 2003
    Location
    US
    Posts
    5,634
    Apple confirms iPhone and Mac systems are affected.

    https://support.apple.com/en-us/HT208394
    Eric

  8. #8
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    25,428
    Yet more info from MS on antivirus programs preventing updates and/or causing blue screens (and what they're doing about it)

    https://support.microsoft.com/en-us/...tivirus-softwa

    And more re: Win7 bluescreens...

    https://answers.microsoft.com/en-us/...=1515190079156

    And even more.. blue screens may be more than just a/v related..

    https://social.technet.microsoft.com...fter-kb4056894

    VirtualDr email notices are not working.
    Check back regularly for responses.

    _____________________
    cat lovers click here

  9. #9
    Join Date
    Jan 2003
    Location
    US
    Posts
    5,634
    Dell has released info for both client and servers that are affected. These systems can receive patched Firmware via Dell BIOS release.

    http://www.dell.com/support/article/...oducts?lang=en

    http://www.dell.com/support/article/...rking-?lang=en
    Eric

  10. #10
    Join Date
    Feb 2000
    Location
    Idaho Falls, Idaho, USA
    Posts
    18,063

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •