Intel addresses Meltdown and Spectre security flaws at CES 2018

Microsoft has confirmed that users of older of Windows should expect to “notice a decrease in system ” after they apply system patches to protect against the Meltdown and Spectre processor bugs.

The bugs, which affect mostly Intel processors but also some ARM and AMD chips, expose the majority of the world’s computers and phones to speculative execution side-channel attacks.

A successful attack could read portions of protected, sensitive memory, such as passwords and other secrets.

Microsoft released security updates on January 3 to fix the issue at the operating system level. Intel also issued updates for its microcode.

In changing the way that Windows accesses the computer’s memory, Microsoft has conceded that users may experience performance hits — depending on the age of their computer’s processor and version of Windows.

Microsoft’s Terry Myerson said in a blog post that Windows 7 and Windows 8 users running older processors, like 2015-era Haswell or older chips, will be most affected by performance issues.

That’s because older versions of Windows have more user-kernel transitions, such as font rendering taking place in the kernel.

In a call Monday, Microsoft said there would be some scenarios where performance might noticeably change, such as longer boot times.

Windows users also running older hardware may show “more significant slowdowns,” with the company expecting “some users will notice a decrease in system performance.”

But Windows 10 users running newer, 2016-era Skylake and Kabylake or later processors will be largely unscathed by any slowdowns, Microsoft said, “because these percentages are reflected in milliseconds.”

The software giant has yet to publish benchmarks — something it said will in the coming weeks.

Intel said in a blog post, however, that the typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos.”

If you haven’t received the patches already, it’s likely as a result of your antivirus blocking the updates.

Microsoft said this week that it won’t deliver the Meltdown and Spectre patches, or future security updates, to if they’re running third-party antivirus that aren’t confirmed to be compatible with Windows.

It’s understood that the company shut out Windows users with incompatible antivirus because of the risk to instability and blue-screen system crashes.

Third-party Windows antivirus products must set a Windows registry for customers to receive the update via Windows Update. Many antivirus makers have said they will not make the necessary changes, however.

Contact me securely

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Read More

Source link


Please enter your comment!
Please enter your name here