Personal computing discussed

Moderators: mac_h8r1, Nemesis

 
paul 343
Gerbil In Training
Topic Author
Posts: 2
Joined: Fri Dec 04, 2015 1:59 am

InSpectre shows Meltdown vulnerability in new build

Tue May 07, 2019 12:17 pm

Good day,

I have a new build that is showing vulnerability to Meltdown using InSpectre and the MS power shell query from the MS site. I have ensured the registry modifications are in place.

I am wondering if these products are showing this as the tests are out of date for the newer hardware? Note that this was not a fresh install for the OS as everything ran smoothly after attaching the C drive to the new mobo - well except this... The previous machine was a Z-97-A with an i5 4460.

It seems that Intel has hardware fixes for Meltdown Variant 3 and 5 but not 3a and 4... so as all firmware and OS is up to date I wonder if now the original approach to plugging the 3a and 4 variant is no longer relevant and thus showing as vulnerable?

Win 10 Pro 64bit - fully updated
i7 9700K
ASUS ROG Strix Z390-F


Thanks for any insight,

Paul
 
jihadjoe
Gerbil Elite
Posts: 806
Joined: Mon Dec 06, 2010 11:34 am

Re: InSpectre shows Meltdown vulnerability in new build

Wed May 08, 2019 12:51 am

IIRC InSpectre is indeed unaware of hardware-level mitigations in Coffee Lake-R.

The PowerShell script OTOH should properly show if you are protected, so maybe it just needs updating as well.
 
just brew it!
Gold subscriber
Administrator
Posts: 52648
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: InSpectre shows Meltdown vulnerability in new build

Wed May 08, 2019 6:26 am

Assuming this is a desktop build, I wouldn't stress about Meltdown too much. It is mainly a concern for service providers which allow multiple users to run code on the same physical CPU.

Spectre is the vulnerability which is of more concern for end users. And most of the mitigation for Spectre is on the software side (in your web browser's Javascript JIT compiler).
Nostalgia isn't what it used to be.
 
paul 343
Gerbil In Training
Topic Author
Posts: 2
Joined: Fri Dec 04, 2015 1:59 am

Re: InSpectre shows Meltdown vulnerability in new build

Wed May 08, 2019 12:26 pm

Thanks,

Perhaps just too curious... but for more background for anyone interested:

The PowerShell Speculation Control Settings result that was causing concern (in association with the InSpectre result):

Speculation control settings for CVE-2018-3639 [speculative store bypass] (ie variant 4)

Hardware is vulnerable to speculative store bypass: True
Hardware support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is enabled system wide: False

The intel site does indicate that the solution for 9th gen processors is firmware and OS for variant 4, and the OS is not doing anything in this case (I think). Perhaps that is where all this started, and perhaps there are so many variants I have crossed something up...

Anyway, the above test result does indicate hardware support, perhaps meaning that software support is now not required?... Out of interest, the intel hardware fix is for variants 3 and 5 only and not for variant 4. So I was thinking that the OS not disabling anything for speculative store bypass (variant 4) is perhaps leaving the machine vulnerable.

As was mentioned above, probably nothing to worry about anyway as it is just a home computer, but it was me just trying to dig into the details...

Cheers all,

Paul
 
LoneWolf15
Silver subscriber
Gerbil Elite
Posts: 906
Joined: Tue Feb 17, 2004 8:36 am
Location: SW Meecheegan

Re: InSpectre shows Meltdown vulnerability in new build

Sun May 12, 2019 9:17 pm

just brew it! wrote:
Assuming this is a desktop build, I wouldn't stress about Meltdown too much. It is mainly a concern for service providers which allow multiple users to run code on the same physical CPU.

Spectre is the vulnerability which is of more concern for end users. And most of the mitigation for Spectre is on the software side (in your web browser's Javascript JIT compiler).


Also note that as far as I've seen, no matter what variant, the number of exploits "in the wild" as the phrase goes, is still zero.

JihadJoe is likely right though in that the programs are unaware of the fact that CoffeeLake-R has mitigations in hardware, and have probably not been adapted to the newest silicon.
i9-9900K @4.7GHz, GIGABYTE Z390 Aorus Pro WiFi, 32GB (2 x 16) G.Skill RipJaws V
Corsair 650D, Seasonic 1Kw Platinum PSU
2x Samsung 850 Pro 512GB, 1TB WD Black, NEC 7200 DVDRW
2x Gigabyte GTX 1070 Founders Ed. SLI, Dell 2408WFP-HC

Who is online

Users browsing this forum: No registered users and 1 guest