Jump to content
Sign in to follow this  
alt3rn1ty

InSpectre - New Steve Gibson utility

Recommended Posts

I saw that.  Still only goes back to Skylake, but they are making progress.  Tons of people use pre-Skylake CPUs--I guess Skylake + makes up the bulk out there in the wild.

Share this post


Link to post
Share on other sites

Indeed. Patchable in firmware, in a few weeks vs months or never, requires admin access AND a BIOS reflash to make it all work. Color me unsurprised to find all that out. It's basically no worse than Intel's own problems with their IME chip that everyone swept under the rug.

Share this post


Link to post
Share on other sites

Intel are cutting back on the amount of planned microcode fixes, so some older models will not be supported ..

https://arstechnica.com/gadgets/2018/04/intel-drops-plans-to-develop-spectre-microcode-for-ancient-chips/

 

And here's the guide listing all the ones that will be getting an update ..

https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf

Thankfully all of our family machines are being done.

 

And just a reminder, here are the ones already done ..

https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

Share this post


Link to post
Share on other sites

InSpectre has been updated

  • Release #8 — Now shows whether an Intel microcode patch is (ever) available for Spectre.
    Intel has finished designing microcode update patches for its processors. On April 2nd, 2018, they announced that processors that have not yet been patches will never be patched. Their full statement is available in this PDF document. In that document, Intel specifies which of their many processors do have patches and which of their more recent processors will never receive updated firmware. Now that the industry has this information, this 8th release of InSpectre incorporates that list of CPUIDs and displays whether microcode firmware updates exist for the system's Intel CPU.

Share this post


Link to post
Share on other sites

And at long last my machine has had all the fixes, although at the moment the Spectre microcode fix is the one fed to the processor as windows boots up, I would still prefer the BIOS fix from MSI, which is going to take a while longer.

https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

https://support.microsoft.com/en-us/help/4078407/update-to-enable-mitigation-against-spectre-variant-2

InSpectre release #8 (running in Admin mode) detects all of them as fixed

9l6AEN9.png

 

And so far I have had no detectable performance decrease in games, but if that happens just use InSpectre before hand and use its Disable fix buttons temporarily.

Share this post


Link to post
Share on other sites

I just received an email today from MSI linking me to a BIOS update for my laptop machine. I sent them a request for support in case my machine model had mistakenly been missed, and I think my suspicion was sort of correct, the modified date on the BIOS file was 22nd of March.

I think someone just forgot to update my machines page on their website. Anyway, alls well that ends well, its now successfully reflashed with the new BIOS firmware and doing the necessary :)

Share this post


Link to post
Share on other sites

:facepalm::lmao:

Windows 10 April 18 update - Apparently they have not bundled the Spectre mitigation microcode updates (KB4090007) with it.

So if you already applied the update to Windows 10 Fall Creators update 1709 .. Standby to watch that get overwritten and not be protected anymore, and go back to waiting for another update from Microsoft.

For those of us with actual BIOS updates thats not a problem, but you would have thought they would include the boot time microcode updates they have already done for everybody in the major overhaul of the OS.

Share this post


Link to post
Share on other sites

Well I just updated to my latest BIOS (1.8) and according to InSpectre the system is still vulnerable to Spectre. So MSI have not fixed this on my motherboard yet.

Share this post


Link to post
Share on other sites

I just this minute finished updating to Windows 10 April 18 update v 1803, and InSpectre is reporting I am still protected across the board .. So the MSI BIOS update I was emailed a link to by MSI support Staff seems to be working fine here (otherwise due to the new windows update not including the on boot microcode update I would have reverted to Spectre Protection not installed) :

The MSI support page in my case though still needs to be updated with a new BIOS (at least to match the one I received), so I am guessing MSI are still doing their best to update all the models they need to, and the supporting website pages and links to new files. Just a case of remaining patient, but also, unless some attacker has actual access to your machine, it cant be exploited. And so far there are no reports anyone has heard of that the vulnerability has any actual code in the wild to take advantage of it. Maybe nation state level organisations have, for use of government spooks, but I have no worries they would be interested in my game modding machine, :) unless they are bored.

 

Share this post


Link to post
Share on other sites
2 hours ago, drizzan said:

Well I just updated to my latest BIOS (1.8) and according to InSpectre the system is still vulnerable to Spectre. So MSI have not fixed this on my motherboard yet.

Oh wait .. Did you right click InSpectre and "Run as Administrator"

If not it will not have enough access permission to find out if your BIOS is protecting you, and defaults to answering NO

Share this post


Link to post
Share on other sites

I did run it as both admin and regular user, in both cases it answers with not protected vs Spectre. The latest BIOS for my card was released in January 2018, it had a note that said: "- Update Intel Micro code for security vulnerabilities " but that doesn't seem to be Spectre, unless you need a Windows 10 update for Spectre aswell which I haven't downloaded manually. I have just gotten the regular updates through Windows Update.

Share this post


Link to post
Share on other sites

Asus decided to work some BIOS's to include a Spectre fix.  Kudos, Asus (if you're reading :)).  BIOS-level should have less of an impact on performance, yes, no?

Share this post


Link to post
Share on other sites
On 5/24/2018 at 4:53 PM, Malonn said:

Asus decided to work some BIOS's to include a Spectre fix.  Kudos, Asus (if you're reading :)).  BIOS-level should have less of an impact on performance, yes, no?

Sorry its been a while since I looked in here No, BIOS = Microcode fix, so same performance hit.

You can still disable both Spectre and Meltdown fixes temporarily using Steve Gibsons InSpectre

screenshot.png

Use the disable buttons while you play a CPU intensive game for example, then enable again afterwards.

------------------------

Also there is a new MS site which supports newer versions of windows and the associated fixes https://support.microsoft.com/en-gb/help/4093836/summary-of-intel-microcode-updates

So windows 10 v1809 has fixes listed now - Are these newer fixes bundled with windows updates ? .. I dont know

I installed these mitigation's for win 10 1807, then win 10 1809 was installed and InSpectre still shows my machine as fully protected.

So I did an overwrite install with the newer ones in case the code is actually specifically tailored to the stated OS version :shrug:confused.

Anyway, new kind of attack sort of using Speculative execution (affects Intel but not AMD) - https://www.grc.com/sn/SN-705-Notes.pdf

(Page 19 onwards).

Share this post


Link to post
Share on other sites

:lmao: Now I am even more confused as to what to do. Think I will just let windows do the necessary roll-out, and see what it makes of what is already enabled. Retpoline is compatible with my I7 anyway, so is desirable if its better performance.

Share this post


Link to post
Share on other sites

I am just waiting for them to roll it out and enable it by default offically themselves also. I have been running with the older fixes disabled, and have had no issues. Inspectre is wonderful for letting us disable them. I am aware that its risky, but I am also aware that it is really and incredibly tough to exploit. There are fixes for it on just about everything, not just our own PCs. I monitor the tech world news everyday, and if an outbreak happens, I will find out about it and simply re enable the fixes.

Share this post


Link to post
Share on other sites

I did a Clean install of Windows 1903 recently (primarily because I wanted new features in Windows 10 which you only get if you do a clean installation, like Reserved Storage), and it has the Retpoline (better optimised fixes for Spectre & Meltdown) suite of microcode on boot fixes included, Steve Gibsons InSpectre shows this machine is protected ..

Gx4VKHM.png

So keeping up with developments and using old links for fixes is no longer necessary if your windows 10 is up to date. The rollout of 1903 was staggered, to ensure compatibility with all the computer variations of hardware, so some machines may not have updated to 1903 yet. I prompted it to happen by using Windows Media Creation Tool to do the clean installation.

Retpoline was included in a cumulative update for Win 10 1809 too, which also proved to fix all Spectre & Meltdown, but that update was a bit buggy.

Anyway glad they finally got on top of this.

Share this post


Link to post
Share on other sites

Yeah, but there are Spectre variants that have no software fix. A few months ago, I watched a demo where they could run OpenSSH between two processors, it was so fast and effective. There are even BTB exploits that can bypass the new compiler directives that mitigate the other exploits (just saw a presentation on Tuesday).

SPOILER makes the attacks even faster, and can run in driveby Javascript.

Still, we are all thankful to Gibson and his many utilities over the years. I still regularly use his password generators.

Share this post


Link to post
Share on other sites
On 6/20/2019 at 2:25 PM, DayDreamer said:

Yeah, but there are Spectre variants that have no software fix. A few months ago, I watched a demo where they could run OpenSSH between two processors, it was so fast and effective. There are even BTB exploits that can bypass the new compiler directives that mitigate the other exploits (just saw a presentation on Tuesday).

SPOILER makes the attacks even faster, and can run in driveby Javascript.

Still, we are all thankful to Gibson and his many utilities over the years. I still regularly use his password generators.

Godz, I hope this cat n mouse stops eventually. Companies are doing their level best to mitigate issues and then another bad penny turns up.

I just got a new Dell laptop (with a Geforce GTX 1050 TI), did a clean install with win 10 1903 (the pre-installed win 10 had issues trying to update .. probably due to the pre-installed "helpfull" apps manufacturers install), then grabbed all the necessary custom drivers from the offical support site including firmware updates to the BIOS ..

.. Without doing anything else, InSpectre reports the machine is completely protected : I guess the immediate BIOS update, and 1903 clean install also includes all fixes to date including at boot microcode fixes, has my back without having to do anything else .. Time will tell.

Steve is deeply immersed in doing the final spec for SQRL just now, and has said the most important next thing on the agenda is a long overdue update to Spinrite.

Whether InSpectre needs any updates to catch up with recent developments I dont know. He does keep well informed in Security matters anyway, so I would imagine if there was anything concerning he would update it.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

Support us on Patreon!

Patreon
×
×
  • Create New...