Sizes against spectrum and collapse

The world is currently patchrated on many fronts against the discron of known attack options and the collapse, which have been created by an architectural error in the Intel, AMD and Arm CPUs. Microsoft, Mozilla, Google and other producers have already reacted with the first patches. Corresponding test programs are now available. However, some virus scanners cause problems with the patch.

Security gap in almost all CPUs

A security gap in architecture in almost all CPU manufacturers of Intel, AMD and Arm processors allows up to three attack options, which are defined as Spectre 1, Specter 2 and Meltdown. This security gap is currently threatening systems all over the world. Since the security gap cannot be exploited from the outside, the systems in particular are interested, which programs perform. In addition to the classic malice programs, this also includes web browsers who perform active content through JavaScript and HTML 5. For more information on safety gaps, see, for example, in an article CT specialist: «Analysis on the processor gap: Meltdown and Specter are a security supergau».

I notify: A list of which the CPUs are affected by the Specter and Security Meltdown has recently been published. AMD assumes that their CPUs are only susceptible to one of the two spectrum attacks.

Patch von Microsoft

Microsoft has had patches for the various versions of Windows, Internet Explorer and Microsoft Edge since January 3, 2018, which should contain errors in the CPUs under Windows.

Danger:
ATTENTION: Sometimes an obsolete virus scanner can prevent the delivery of the patches, as Microsoft describes in the article KB4072699. You can control it alone in the register below

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionQualityCompat

See if the secondary key there Cadca5fe-87d3-4b96-B7FB-A231484277CC with the reg_dword 0x00000000. Only then is it possible to install the necessary patches. If necessary, it is necessary to create the register of the register by hand.

The Microsoft patch, published for Windows 10 under KB4056892, is not currently not yet implemented on all systems, since problems can occur depending on the configuration. Here only patience helps until Microsoft has knocked on all possible problems with AMD processors, for example.

Microcodice for the necessary CPUs

However, manufacturers’ patches do not solve the real problem found in their respective CPUs, they can only make attacks difficult. Intel has therefore announced that it will soon be available for all older CPUs since 2013. However, these should be through the producers of the main about the customer, so that a «Bios update» is necessary.

Addendum 05.04.2018: Intel patch

In the meantime, Intel has declared that its micro -gray updates have ended up and provided for numerous CPUs, usually new updates for producers compared to 2010. With the exception of new processors such as Skylake, who have experienced a micro -coded update on Windows, the main abolish producers must provide updates in the form of Bios updates.

Other manufacturers also react

Since attacks are also possible via web browser, not only Microsoft has set Internet Explorer and Edge, but Mozilla Firefox also has an update to 57.0.4 and, of course, Adobe Flash an update. Nvidia Patch also his GeForce driver on the 390.65 version with a security update against Specter.

Tipp: Heise collects the safety instructions and updates of hardware and software producers in a constantly updated list. It is therefore advisable to look for updates more often.

Simple exam, both spectrum and collapse still interested

The control of the Meltdown Free Specter CPU from ASHAMPOO CHICKS with a click if the system is vulnerable. To do this, start the software and, after a brief analysis, can see directly if and which safety gaps are available from you.

For analysis, the program uses a Microsoft routine, which was published in KB4073119 and works under PowerShell, but needs some knowledge in the PowerShell for use. The Ashampoo test is a little more elegant here because it is easier to use.

Performance effects

According to experts, patch against spectrum and collapse attacks also have negative performance effects. What is compromise depends on the age of the CPUs and the application area. The Windows Terry Myerson boss has taken on a blog post for the loss of performance due to patches against Specter and Meltdown and comes to the conclusion that the most recent CPUs are almost significantly more slow under Windows 10. However, if you use the older CPUs (for example, Haswell Da Intel series), you should feel the loss of performance. Windows Server is the worst with activities such as database server or web server. A clear debut for performance would feel here.

Effects during the game

Eurogamer, on the other hand, is available in a series of «Digital Foundry-Meltdown and Specter tests: are the patches influence the game performance of your PCs?» To determine that the losses of performance during reproduction are not measured by an unpaid window.

(51 votes, media: 4.70 out of 5)

Loading …