Major Intel CPU vulnerability
-
@jimmy9008 said in Major Intel CPU vulnerability:
Does the update have a KB number and is it rolled out to supported devices via Windows Update?
I haven't seen them listed on any of the advisory pages, but this comes from the PatchManagement.org mailing list.
https://support.microsoft.com/en-us/help/4056893 (1507)
https://support.microsoft.com/en-us/help/4056888 (1511)
https://support.microsoft.com/en-us/help/4056890 (1607, Windows Server 2016)
https://support.microsoft.com/en-us/help/4056891 (1703)
https://support.microsoft.com/en-us/help/4056892 (1709)Edit: From BleepingComputer
https://support.microsoft.com/en-us/help/4056897 (Windows 7 SP 1, Windows Server 2008 R2 SP1)
https://support.microsoft.com/en-us/help/4056898 (Windows 8.1, Windows Server 2012 R2)They'll be out on Windows Update, and are already downloadable from the Windows Update Catalog. Again, they will only show in Windows Update if the registry condition is correct.
-
Michael Schwarz: "Using Meltdown to steal passwords in real-time" https://twitter.com/misc0110/status/948706387491786752
-
@dustinb3403 said in Major Intel CPU vulnerability:
So the part that really matters in the guide is this.
- 8 two-core packs will be the minimum required to license each physical server.
Microsoft doesn't seem to care about how the physical layout of your CPU setup is, so long as you're meeting the requirements.
This only makes sense - the physical sockets really don't matter anymore. It's good to see Licensing attempting to keep up.
-
I called up my AV vendor (Panda Security). They claim that they have tested against the new MS patches and currently there are no issues.
That said, they are still doing additional testing and have not released an update that inserts the registry key required so that Windows will auto update itself yet.
Their plan was to release their update Tuesday of next week (patch Tuesday) alongside Microsoft's update. The press releasing the information about the issue early has put them a bit behind, but they are still planning on releasing their AV update to insert the registry key.
-
Anyone else have any info on their AV provider?
-
@dashrender said in Major Intel CPU vulnerability:
Anyone else have any info on their AV provider?
SEP needs to be patched before the OS can be patched. Not surprising, considering it is Symantec.
-
Panda's page for Meltdown and Spectre
https://www.pandasecurity.com/uk/support/card?id=100059
Sadly, they aren't email blasting customers about this, instead they are waiting for customers to call to be added to an info alert list.
-
Does anybody know if Dell have released firmware for T630 server for the hardware? I cant seem to find that info on Dells site...
-its ok, think I've found it, and its this... Update
-
@jimmy9008 said in Major Intel CPU vulnerability:
Does anybody know if Dell have released firmware for T630 server for the hardware? I cant seem to find that info on Dells site...
-its ok, think I've found it, and its this... Update
Damn, on the bleeding edge on that one.
I looked for some HP things yesterday - nada.
I'm guessing by the end of January, we'll start seeing more firmware updates.
Now the question is, how far back are the vendors going to go?
-
@dashrender said in Major Intel CPU vulnerability:
@jimmy9008 said in Major Intel CPU vulnerability:
Does anybody know if Dell have released firmware for T630 server for the hardware? I cant seem to find that info on Dells site...
-its ok, think I've found it, and its this... Update
Damn, on the bleeding edge on that one.
I looked for some HP things yesterday - nada.
I'm guessing by the end of January, we'll start seeing more firmware updates.
Now the question is, how far back are the vendors going to go?
The new generation Servers are being patched faster at least by Dell. -
HMMM... —
Intel CEO sold all the stock he could after Intel learned of security bugI literally quoted the title as it says everything I could. . .
-
@dustinb3403 said in Major Intel CPU vulnerability:
HMMM... —
Intel CEO sold all the stock he could after Intel learned of security bugI literally quoted the title as it says everything I could. . .
That sounds suspiciously like insider trading.
-
@coliver That is why an investigation appears to be prepared in this.
-
@coliver said in Major Intel CPU vulnerability:
@dustinb3403 said in Major Intel CPU vulnerability:
HMMM... —
Intel CEO sold all the stock he could after Intel learned of security bugI literally quoted the title as it says everything I could. . .
That sounds suspiciously like insider trading.
hard to say.. the whole Scheduled for sale thing will be the key.
-
@dashrender said in Major Intel CPU vulnerability:
@coliver said in Major Intel CPU vulnerability:
@dustinb3403 said in Major Intel CPU vulnerability:
HMMM... —
Intel CEO sold all the stock he could after Intel learned of security bugI literally quoted the title as it says everything I could. . .
That sounds suspiciously like insider trading.
hard to say.. the whole Scheduled for sale thing will be the key.
Scheduled for sale after Intel management knew about the issue for over 5 months and before it was disclosed publicly that there was any issue.
Even if he made the same amount of capital from the sale as if he sold today it's still protecting "his" money.
-
@coliver said in Major Intel CPU vulnerability:
@dustinb3403 said in Major Intel CPU vulnerability:
HMMM... —
Intel CEO sold all the stock he could after Intel learned of security bugI literally quoted the title as it says everything I could. . .
That sounds suspiciously like insider trading.
And by suspiciously like, more like exactly like.
-
-
"The bad news is that the Kernel Page Table Isolation fix makes everything run slower on Intel x86 processors".
So does this not affect 64bit processors?
-
@irj said in Major Intel CPU vulnerability:
This might be the worst vulnerability we've seen to date...
You can plan for patching and maintenance. You cannot plan for unexpectedly losing resources. Can you imagine how many cloud providers this is going to affect. They share so many services across so many servers, I doubt they could afford to take a 30% resource hit. It could take down their whole environment.
I thought I read the performance hit only effects 32-bit processors? Did I read that wrong?
-
Seems like I saw a write-up on it, and it only made a couple of things significantly slower (at least in Linux).
