Welcome to the backdoor

this is the update for windows 10, right?

catalog.update.microsoft.com/Search.aspx?q=KB4056890

>date
what the FUCK

...

businessinsider.com/linus-torvalds-linux-inventor-is-furious-at-intel-2018-1

then why do attacks keeping happening WTF

So am I safe with only OS patches?

>intel: it is working as intended

W-w-w-what did t-t-t-t-t-they mean by this?

Wait, are all of their CPUs compromised?

...

>Intel
Maybe, but that site is wrong about AMD processors. We have no proof of it working on Ryzen CPUs.

You will also need bios patches. Just don't reboot or shutoff when you update your bios.

What if my mobo manufacturer has not provided a patch?

why does that ghost have a stick?

Branch attack

I'm just so demoralized at this point. I don't even want to do anything anymore. Everything's so fucked.

>running bindows 7 with ancile script
>open ASUS site to check if there's a BIOS update for my mainboard
>BSOD

:feelsbad:

Now whats the alternative to getting around this?

Running ubuntu with ryzen?

ubuntu supposedly bricks thinkpads
thinkpads and apple don't use ayylmao cpu's

Comon Sup Forums!!

We need to do our part.

We will always be vulnerable to things like these, unless we push for a world of Free and Open hardware, with schematics and all the details is the future.

AMD is literally the same shit as Intel.

i don't use intel microcode iojn my ubuntu, i'm safe?

no

Has there actually been any actual exploits out there in the wild yet? It's all PoC by this point so nothing really to worry about...

You wouldn't even know if your computer was exploited you fucking imbecile, that's how nasty this CPU security flaw is.

newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf

But the attacker will need to deploy some payload onto my system in the first place...

It's not like they can magically read my memory from thin air or anything

:feelsgood:

where did you get the hardware support from? Did a firmware update for the bios already come out?

I'm not a shill but you don't have much to worry about. As Snowden said, when you can access everyone's computer, you have no idea where to start. Safety in numbers

How do I access my intel ME?
There must be a way to boot into it right?

ASUS released one on the 4th for my Kaby Lake motherboard (H270-plus)

So you have to search for one for your specific motherboard and hope your manufacturer has released one? This shit won't be done via windows update? There isn't even an offical site from microsoft or intel where they link to all currently available firmware updates?

>access my intel ME?

Welcome to the world of closed source hardware, goy. Don't mess with our trade-secret protections or we will sue you!

>Do you use google?
Welcome to the botnet.

>These exploits, when used for malicious purposes, have the potential to improperly gather sensitive data. Intel believes these exploits do not have the potential to corrupt, modify or delete data. You should check with your operating system vendor and system manufacturer, and apply any available updates as soon as practical. Intel strongly recommends following good security practices that protect against malware in general. Doing so will also help protect against possible exploitation of these analysis methods.

>The researchers demonstrated a proof of concept, and Intel was able to replicate the findings. Intel is not currently aware of any malware based on these exploits. However, end users and systems administrators should apply any available updates as soon as practical, and follow good security practices in general.

>This is not a bug or a flaw in Intel products. These new exploits leverage data about the proper operation of processing techniques common to modern computing platforms, potentially compromising security even though a system is operating exactly as it is designed to. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Neither my server or my workstation are effected.

>The security researchers notified Intel and other companies about this issue in June 2017. Intel is committed to responsible disclosure. In this case, the security researchers presented their findings in confidence, and we and other companies worked together to verify their results, develop and validate firmware and operating system updates for impacted technologies, and make them widely available as rapidly as possible.

and after finding out how intel is fucked the coward ceo sold all gis share worth 38 million because how fucked the situation is.

Intel - NSA backdoors Meltdown and Spectre & Intel Management Engine - MINIX OS. Top Kek Kike CPU.

The shares worth isn't particularly important. What is important is
1. The timing.
Intel was notified in june, The order for the shares was put in october and finalised in november. The bug had 3 months to propagate within intel and reach higher management. And I guess that by early october it did.

2. The quantity.
The CEO of intel requires exactly 250,000 shares to remain CEO. The amount of shares that was sold was roughly 200,000, but the important thing is that he sold the maximum he could have to still remain CEO. He now owns exactly 250,000 shares, down from like 430,000.

yeah, go to AMD PSP instead

Insider trading, he should go to prison.

it can use a javascript to do that, directly from the browser

bump and checked

from the reports i read yesterday no, but this exploit existed since 1995 and was just discovered a few months ago until they announced it publicly (2018)
though i have a feeling its been exploit in the wild

yes the only way you can limit the damage is by usimg chrome isolation mode. its the only safe option I know though it sucks lot of CPU resources but still we have no other options.

its been used by every intelligence agency to spy on their citizens Im sure AMD hae this exploit too but in different ways somebody have to find out

Does anyone use an ASUS mainboard? Have they released a statement regarding firmware updates?

You're already pwnd son.

Why is CPU even allowed all those manipulations?

well, this sucks. I'm using furryfox...

Why is no one talking about the fucking firmware updates? How many people got them already? Can we expect them for even older motherboards? Why is there virtually no clear information on this neither on Sup Forums nor when I try to google it?

Because people are busy buying MCST R1000 powered SPARC machines.

I for one welcome our new Russian overlords.

is this the real stallman?

out of order execution and speculative branching allows for processors to run faster

Yes. It is.

Can someone help me by answering a few questions?

The recent Windows update is not distributed towards users who are missing a REG key stating their AV software is compatible with the update. I'm running Kasperky Free and according to Kasperky, their products are compatible with the update. Yet, I can not find the update in question in my update history.

How can I check wether the REG key does exist withing my system?

I tried checking my system for vulnerabilities using "Install-Module SpeculationControll" in PowerShell but I'm only running into an ERROR message. I'm running Win8.1 and I read that Win8.1 doesn't support this nor is it affected by Meltdown. Is this true?

I've downloaded the Windows update by hand, but I'm hessistant to install it without checking wether Kaspersky will fuck my PC up prior. I don't wanna run into a BOSD.

Thanks in advance.

open regedit and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion and search for QualityCompat
There should be a value cadca5fe-87d3-4b96-b7fb-a231484277cc = 00000x0 if your AV is compatible. If not, you have to manually add it.

>businessinsider.com
>can't into https
what year is it?

Intel have stated that they should have firmware patches for most hardware made in the last 4 years out by the end of next week. I doubt that Asus will feel the need to release a statement, it isn't their mess.
You'll simply need to keep visiting the Asus site for your board and keep checking if a new BIOS has been released.

So among the list of affected CPUs intel released it lists the 2nd up to 8th generation of intel core processors. What was the first generation and is it not affected?

Thank you!
The REG key in question does exist and it states 0x00000000 (0).

But I still can't find a Windows update since the third of january in my update history.

I'll try rebooting my system in a couple minutes and hope the update is being picked up.

how will intel distribute the firmware updates? Through the manufacturers websites? Through windows update? Through their own site? It's just fucking confusing how little information there is about what the process is going to be like.

>usimg chrome isolation mode
This one? #enable-site-per-process

Yes you'll be fine with only OS patches.

Don't you get it? Chrome isolation mode DOES NOT WORK AGAINST SPECTRE OR MELTDOWN.
The whole point of spectre is that it completely ruins sandboxing since it wrecks the OS at the CPU level.

>tfw ASUS Z-87A they might get around to updating in 8 months, shortly after I have purchased a new build.

>clicks the link
>waiting for that console hacker stuff will popup
>already decided that i will reformat and accept the ransomware hacker stuff
>nah its just a shitty bootstrap website harvesting that views from retards
fuck

install coreboot or change your shitty mobo

The only way to load patched microcode onto the CPU is through a motherboard bios / uefi update.

If your motherboard vendor doesn't issue a fix for your system at the UEFI level, you'll have to rely on your OS getting a patch for it.

Ideally, you'll get both the UEFI fix and OS fix.

newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/

System updates are made available by system manufacturers, operating system providers and others.

Intel will continue to work with its partners and others to address these issues, and Intel appreciates their support and assistance. Intel encourages computer users worldwide to utilize the automatic update functions of their operating systems and other computer software to ensure their systems are up-to-date.

Me (, ) again.

As stated previously, the neccessary REG key for receiving the Jan03 update does exist in my system. Thus I should have been getting said update.

However, I can not find the update in my update history.

I downloaded it manually and tried to apply it. However, I'm only running into an ERROR message stating the update is incompatible with my system.

I thought maybe I downloaded an update for the wrong OS, but the following site clearly states it's for Win8.1:
support.microsoft.com/en-us/help/4056898/windows-81-update-kb4056898

What the heck am I doing wrong?

They laughed when I bought a Lemote Yeeloong.

They're still laughing at you now.

Good news is that this may prompt some OEMs to make more AMD laptops. Looking at AMD's selection right now and it's good, but they've been jewed by intel's PR and bribes, but bribes aren't good enough to overcome this shit. Least not at the market level.

>that's why the russians don't use it
>en.wikipedia.org/wiki/Elbrus_(computer)

Bla bla blya blya BLYAT!

Security Only Quality Update for Windows 7 KB4056897

download.windowsupdate.com/d/msdownload/update/software/secu/2018/01/windows6.1-kb4056897-x64_2af35062f69ce80c4cd6eef030eda31ca5c109ed.msu
download.windowsupdate.com/d/msdownload/update/software/secu/2018/01/windows6.1-kb4056897-x86_bb612f57e082c407b8cdad3f4900275833449e71.msu

Info: support.microsoft.com/en-us/help/4056897/windows-7-update-kb4056897

Security Only Quality Update for Windows 8.1 KB4056898

download.windowsupdate.com/d/msdownload/update/software/secu/2018/01/windows8.1-kb4056898-x64_ad6c91c5ec12608e4ac179b2d15586d244f0d2f3.msu
download.windowsupdate.com/d/msdownload/update/software/secu/2018/01/windows8.1-kb4056898-x86_76d9af6e8f3d2a6890ee1bad441acf43c4124dce.msu

Holy fucking dolphin porn bro.

If you are running Windows 10 version 1709 (Fall Creators Update), the patch you need is labeled Security Update for Windows (KB4056892).

For older versions of Windows 10, here are the patch numbers:

Windows 10 version 1703 (Creators Update): KB4056891
Windows 10 version 1607 (Anniversary Update): KB4056890
Windows 10 version 1511 (November Update): KB4056888
Windows 10 version 1507 (Initial Release): KB4056893

I've been that way for years, just drudging on through waiting for the shift.

I'm running Win8.1, though.

I just used download links and NOW it's working.

Thanks to both of you.

So Microsoft is going to release the intel microcode updates via windows update?

So is it just these for now? Nothing for Spectre?

I wonder when we'll get to the point when the bigger computer you have, the more powerful it will be, because of the transistor density limit. Maybe then cheap/manycore CPUs like the Chinese SW26010 will rule the world. And nerds will have basements with fridge-sized rigs.

weird. It could be microsoft is rolling out these updates delayed or something. I didn't get any update yesterday either despite my AV being compatible, so I manually downloaded and installed the security patch for win 7 and then today I got the monthly security rollup that you usually get on patch tuesday.

>I'm running Win8.1, though.

my bad, I skimmed your post and saw the error message. I had the same error when I patched my system because I had downloaded the win10 (1709 patch) unaware that build 1703 had a completely separate patch. Incorrectly assumed you made the same error

remove mentions of satanic things and they're almost never wrong