Attention WINTEL USERS. After you install the MELTDOWN patch you need to ENABLE IT to make it come into effect:

Attention WINTEL USERS. After you install the MELTDOWN patch you need to ENABLE IT to make it come into effect:

>Customers need to enable mitigations to help protect against speculative execution side-channel vulnerabilities.

>Enabling these mitigations may affect performance. The actual performance impact will depend on multiple factors such as the specific chipset in your physical host and the workloads that are running. Microsoft recommends customers assess the performance impact for their environment and make the necessary adjustments if needed.

support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

Other urls found in this thread:

youtube.com/watch?v=zNqcuzUleNQ
catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4056897
ionescu007.github.io/SpecuCheck/
github.com/ionescu007/SpecuCheck/releases
catalog.update.microsoft.com/Search.aspx?q=KB4056892
github.com/ionescu007/SpecuCheck
catalog.update.microsoft.com/Search.aspx?q=KB4056898
twitter.com/AnonBabble

post the fucking link again, it seems cut off

HAAHAHA. It won't slow down your PC Intel said. It sure won't. It's not even activated. My fucking sides.

That's the link, blame microshit, stupid.

my sides, microshit is even reluctant to turn the shit on

That is for servers. Usually on servers you don't run foreign / untrusted code, or if you do its already fucked. Having it on manual enable on servers is understandable.

don't update

It's a scam to make you upgrade your rig and buy new chips


They are targeting future proof rigs to make money.

I won't update unless I get a free £4000

Compensation rig


If you have two factor authentication on everything your stuff is safe

Fuck paying for hardware after the first rig

Why even bother using anything but root then on the server?

...

It's been so long since I've tinkered in the registry. How do you add those to the registry again?

Isn't that just for servers rather than home computers

Oh wait this bug only affects cloud server faggots?

Ok have fun losers

My understanding is that it's enabled by default on client OS's and disabled by default on server OS's.

Obviously if you're running untrusted code on your servers, you have bigger problems.

No it's disabled by default in all cases.

This post from Microsoft themselves says otherwise

wait is this a windows update or what? my windows 10 ))) wants to update

>intelligence level of windows user

Think again stupid.

>enabling protection on servers
>protection on servers
>on servers
>servers

Please go back to shilling for amd

Enjoy getting rekt, moron.

>Windows actually giving customers a choice in the matter
Well that is honestly surprising.

Enjoy your amd vulnerabilities

Im eurofag why haven't I gotten the patch?

for the same reason you're never ever getting the 1 billion euros from Intel when EU won the lawsuit in 2009

>Tricking the cpu

youtube.com/watch?v=zNqcuzUleNQ

I wasn't pushed the update through win 10 update but i manually installed the update through microsoft's website.
I'm not really sure if the fix is activated though based on this thread. Is manual activation only required for servers or for everybody?

Read the fucking page OP posted and see if the process has any effect

it was pretty much worthless. i added the keys and did the powershell stuff to the best of my ability but this is all that happened.

Where is patch for windows 8 ?

Where is the LTSB update fug

catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4056897

What the fuck, I'm getting security errors on both Firefox and Chrome and can't download the update. Does the URL above work for you?

Fug how do I house refugees now???

The patch has only been out for a few hours and already its not working for most users, I'll definitely be backing up my copy of 8.1 before attempting the update once it comes out.

And could we PLEASE get a conclusive answer as to whether you need to edit the registry to active the patch? I can foresee this going wrong for lots of people.

The fix does not need to be manually activated. Kind of defeats the entire purpose of a patch doesn't it?

Stop believing fake news.

Okay it works now, I wonder what the fuck is Microsoft doing fucking with the SSL certificates at a time like this.

I myself can't reach it now.

The Update Catalog is a giant piece of shit so maybe they're having trouble handling many connections at once for this.

Yo user, just type in

powershell.exe -ExecutionPolicy Unrestricted

and re-run the Get-Spec command.

I want to disable it on the desktop, how to?

It has to be manually activated for servers. For desktop, installing KB4056897 should be enough.

Alex Ionescu has released a tool to check if your Windows is affected by Meltdown and Spectre: ionescu007.github.io/SpecuCheck/

So you can check you're no longer vulnerable to Meltdown once you've applied the update.

>windows server
itt: retards who can't read

just don't install it

>no precompiled binaries, just a visual studio project file
Lazy fuck.

github.com/ionescu007/SpecuCheck/releases

Thanks.

i'm sure it will install on its own if I shut the pc off
welcome to windows 10

This is how it looks for me after installing KB4056897 on Windows 7 x64 with an i5-2500K.

thanks user,
this is the new result. i'll check that MS page try to decipher its meaning.

Fake news, you need to manually enable it via registry on all versions of windows.

You have a newer Intel processor (KVA Shadow required + PCID Enabled flags) and the Meltdown bug is patched. But, you should check your registry for the Spectre exploit being enabled etc

not really sure where i went wrong. it does seem that the injection mitigation has to be manually enabled. i've tried to run microsoft's registry edit in a few ways but short of trying to plug their key directly into registry editor and manually adding the entry i'm not sure what i'm doing wrong to enable it. i'm surprised they made it this tedious.

psst, this is windows. Have you tried rebooting?

So, this shit is installing on my win10 right now. How do i disable it after that since i have ryzen and it's not a server, so it'll be active by default. I heard it could be done through registry, but what keys?

According to OP link, this is what it should say when the mitigation is enabled:

PS C:\> Get-SpeculationControlSettings

Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True

Windows OS support for kernel VA shadow is present: True

Windows OS support for kernel VA shadow is enabled: True

Windows OS support for PCID optimization is enabled: True

It's not enabled by default.

No way to disable it on non-server Windows. But if you don't patch, you'll end up paying the price, this is pretty serious.

It's not enabled by default only on Windows Server. Regular Windows 7/8/10 receive a different update which enables the mitigation by default.

>can't download the patch
>obscure documentation not clear whether patch is enabled anyway
>have to regedit to enable it

Microshit windaids.

Stop lying, it's NOT ENABLED BY DEFAULT ON ANY WINDOWS. See this guy? Windows 10 Not enabled by default.

>Install-Module SpeculationControl
>"The 'Install-Module' command was found in the module 'PowerShellGet', but the module could not be loaded"
>Set-ExecutionPolicy Unrestricted
>same shit
>turns out I need Powershell 5 which is from WMF 5.0 update
>ok
>download and install KB3134758
>restart
>applying updates,restarts
>updates failed :o, rolling back
>no idea why, meet all requirements for installing it

god damn im tired of this shit

That guy is for some reason following Windows Server instructions from the OP.

It's not illegal if the user decides himself to slow down the computer. Genious!

Windows 10 patch here

catalog.update.microsoft.com/Search.aspx?q=KB4056892

The guy ran the powershell check which shows that it's not enabled by default. You must be an incuck shill here to trick people into not enabling the CPU crippling "hotfix".

I am not crippled, right?

RTFM from github.com/ionescu007/SpecuCheck

Pic related, mitigation enabled.

youre fucked

Why? I'm not a inteltoddler to be affected by meltdown.

Looks like I'm in the clear.
I did not apply the registry updates either, as they are for Windows Server only.

I haven't been able to enable OS suport for branch target injection mitigation but the 5th line that reads:
>Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True
Seems to mean that injection mitigation won't enable at all without the hardware support (BIOS update patch, obviously unreleased)
So I'm not sure I will be able to enable the patch, and this would probably apply to most other people too.

This

>incuck shill
How's being 13 years old working out for you?

catalog.update.microsoft.com/Search.aspx?q=KB4056898

8.1 applies to 8 too I believe.
Why are you on 8 instead of 8.1 anyway?

Did you reboot?

but why aren't the patches for win 7 and 8 rolled out through the windows updater?

Actually it's a bit more complex than that.

You still need to update Firefox/Chrome(Which won't be released until Jan 23rd) AND firmware updates from Intel

I was a lazy fuck, do you think it will work 8.1 and 8 are kinda the same

yes if you were that other user that suggested that, i did reboot

Because you are microniggers forced to wait until patch jewsday.

It won't be in official windows update until Tuesday I believe. Only Win10 has it rolled out today.

I'm on 8.1 and when I ran the tool this was the result, so I assume it worked.

>It won't be in official windows update until Tuesday I believe. Only Win10 has it rolled out today.

But why? Why is win 10 getting the day 1 fix and win 7 and 8 users have to wait until tuesday? Critical security updates count as part of the extended support for both.

Welcome to microshit windaids.

Apply applicable firmware update provided by your OEM device manufacturer.

What's that? I have a custom built pc.

because m$ are cunts and is punishing those who didnt update to 10

Do you notice any of those famous performance issues?

it means download a firmware update for your processor(intel/amd) when its available.

Not a bios update? I have an engineering sample (qh8f)

They hate us, I am going to Wait until tuesday and when I have more info about the patch I am kinda paranoid, my computer is offline anyway to lower any risk

I didn't run any benchmarks before installing it, and I can't be assed to uninstall it, do benchmarks, then do benchmarks afterwards, so I don't know. Based on all the other discussions, it seems the performance hit is non existent for end users. definitely not 30% and shit. Maybe 1%

It doesn't matter what the performance hit is IMO. anyway, because without it, you're wide open to being royally fucked by any drive-by javascript payload.

I've got nothing to hide.

Does a patch for win 7 exist to download manually? Has anyone installed and tested it already?

Alright well mind giving me your Credit Card/Debit card/Bank information? So that's basically what you're saying.

that's bad advice

what you could do is not update, cut your internet for windows to your gayming only and use ubantu for everything else online related

I cut off my Internet anyway. I will be safe as long as I don't hang around too much on the Internet (I hope ) unless specter or meltdown or whatever enters trough my windows and Doors

>unless specter or meltdown or whatever enters trough my windows and Doors
Also make sure to check under your bed for boogeyman too.

Getting Explorer.exe crashes where I have to restart them from task manager.. anyone get those?

I haven't seen any update besides the normal daily antivirus shit from Windows all week. Why isn't it in Windows Update?

been said a million times, TUESDAY

Start menu won't open REEEEEEEEEEE

Windows 7?
You're getting it later on Tuesday.

>Customers who only install the Windows January 2018 security updates will not receive the benefit of all known protections against the vulnerabilities. In addition to installing the January security updates, a processor microcode, or firmware, update is required. This should be available through your device manufacturer. Surface customers will receive a microcode update via Windows update.
I guess this basically confirms it. So just installing the patch does almost nothing. That's probably why most of these benchmarkers are picking up only minor benchmarking differences before and after updating.

Why the FUCK are they waiting a week?