Use InSpectre to see if you’re protected from Meltdown and Spectre

Esteemed programmer and computer security advocate Steve Gibson has been doing his thing as the Gibson Research Corporation since 1985. I've personally made great use of his SpinRite disk repair software. Gibson's latest app, InSpectre, is decidedly more topical. This tiny free app for Windows can analyze your machine and determine whether you're vulnerable to the Meltdown and Spectre security flaws.

InSpectre is less than an eighth of a megabyte, and it's a free download from Gibson Research's website. The app will briefly scan your system to determine if you're vulnerable to either of the exploits and then offer a brief explanation of why. It also will tell you if your PC's performance has been significantly impeded by the fixes for those flaws. If you run InSpectre with administrative permissions, you can use it to toggle the fixes on and off—although doing so requires a system reboot each time.

This app is incredibly handy for anyone who wants to study the performance implications of the patches on their system. It's also useful for slightly-paranoid folks who want to make sure they're protected against the newest CPU-related security holes. You can head to Gibson Research's website to grab InSpectre, although you'll need to use a non-Microsoft browser as the app is flagged as malware by Windows SmartScreen. Chrome, Firefox, Opera, and other browsers shouldn't have an issue, though.

Comments closed
    • davidbowser
    • 2 years ago

    Gibson is a crusty old bastard (like me) so I give him grudging respect.

    The hidden gem from him is the ShieldsUP service. If you ignore the DEFCON level warnings, you have a decent, quick and dirty external port scanner for when you are setting up a new firewall.

    • yeeeeman
    • 2 years ago

    Protected by whom? WTF cares about my PC? You don’t have anything else to write? Man, I saw something like 10 articles in the last week about his s**t. This is a problem for enterprises and PCs used in trading and stuff. Who the f*** looks on a normal user PC? What to steal? His desktop pictures or what?
    Please, get over it…

      • K-L-Waster
      • 2 years ago

      Online banking logins?

      Steam account login?

      GMail and Facebook login?

      Nah, home users don’t care about those getting out….

    • pogsnet1
    • 2 years ago

    [url<]https://www.grc.com/inspectre.htm[/url<] The website looks so 90s... My eyes not protected 🙁 🙁 🙁 I'm dead...

      • crabjokeman
      • 2 years ago

      Meh. Go find a site that tells you not to worry your pretty little head about it and breathe a sigh of relief.
      Function > Form

    • psuedonymous
    • 2 years ago

    “From the author of SpinRite” should be a big red flag. Software that performs the read/write head equivalent of a voodoo dance and then demands you ‘recover’ data to [i<]the same faulty drive you are reading it from[/i<]? Nope, no thanks. Not unless an actual recovery house has already failed and I'm willing to try 'alternative recovery' methods like spinrite or the blood sacrifice of small furry creatures.

      • Captain Ned
      • 2 years ago

      I just knew a Gibson-hater would come out of the woodwork sooner or later.

        • psuedonymous
        • 2 years ago

        It’s a piece of software that may have been useful in the days before the GMR head (i.e. HDDs made in the 70s and 80s) but is irrelevant at best and actively harmful at worst* today. “I tried SpinRite” generally means any chance of a drive being recoverable has been eliminated, through a combination of mashing up the heads and overwriting the rest of the drive.

        * Today, you’re far, [i<]far[/i<], more likely to encounter a physical issue than have a domain degrade. In that event, whacking the head over that defect is the absolute worst thing you can do if you ever want to get any data off of that drive.

        • Bauxite
        • 2 years ago

        His heart is in the write place but he gives bad alarmist direction or advice for some things and digs his heels in never changing.

          • jihadjoe
          • 2 years ago

          Considering what Big Brother has shown us recently, these days I tend to side with alarmists. And Stallman.

    • Klimax
    • 2 years ago

    There is also PowerShell script:
    [url<]https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution[/url<] Although article is about Windows Server, at least verification works for desktop Windows too. BTW: So far no apparent performance degradation on Core i7-3930k aka Sandy Bridge -E. (i9-7920X is obviously good)

    • TwoEars
    • 2 years ago

    I can see no security implications at all with running this program as administrator.

      • Klimax
      • 2 years ago

      He is well known, so as long as it is signed it shouldn’t be problematic.

      And if you want to avoid even this case, there is PowerShell module to check this:
      [url<]https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution[/url<]

        • TwoEars
        • 2 years ago

        He is well known, but any server admin running something like this rather than the MS power shell module is irresponsible IMHO.

          • sleeprae
          • 2 years ago

          Except, the PS module as published requires PowerShell 5.0 or later, and installs directly from the PS Gallery. That’s great if you’re already running Win2016 everywhere or have Windows Management Framework 5 or later installed, but if you haven’t had a need to, you probably don’t. If you have servers that cannot make direct http calls, you also need a different solution.

          So, you can either install WM Framework, reboot, then install the module and run the script (plus potentially enable http access), or you can deconstruct the script from the module on the gallery to run yourself, or run a nice simple utility from a reasonably well-respected name in security–even if he does sometimes exaggerate.

          I would suggest that a mixed approach with multiple solutions available to meet your environment’s needs is a Good Thing(tm).

            • Chrispy_
            • 2 years ago

            This.

            Some servers (a majority of mine, actually) cant reach the web by design.

            • Klimax
            • 2 years ago

            You don’t need to do that.
            That link contains guide also for that case!
            See “PowerShell Verification using a download from Technet (Earlier OS versions/Earlier WMF versions)”

            Microsoft has covered both bases…

            • sleeprae
            • 2 years ago

            Eventually they did. It looks like they added the 2nd part on Jan 9, well after some of us had already completed the initial round.

            Still, a good addition to be sure.

      • jihadjoe
      • 2 years ago

      No different than a server admin running third party management tools.

    • Welch
    • 2 years ago

    Gibson Research is always badass, appreciate the tools every time there is some sort of dumb software bug or Microsoft tries to force an OS on you…

    • ronch
    • 2 years ago

    Clever naming. Much cleverer than, say, Aquabolt or Sempron.

    • arunphilip
    • 2 years ago

    Thanks for the PSA, and huge thanks to GRC for this utility. Very simple and clear, and clearly spells out the situation on a PC.

    • arunphilip
    • 2 years ago

    Ugh, why does ‘Windows Defender SmartScreen’ think the GRC.com website is unsafe?

    Do I continue? Don’t I? Do I? Don’t I?

    Edit: Screw it, got the download using Chrome. Quoting from the site:

    [i<][b<]BOGUS “SmartScreen” WARNING from Edge and IE11 Browsers[/b<] Windows Defender “SmartScreen” appears to have decided that InSpectre is malware. This also happened briefly after the release of our Never10 utility. In this case, it is likely due to the fact that InSpectre's initial release was triggering anti-virus scanners due to the program's use of a specific registry key used to enable and disable the Meltdown and Spectre protections. The second release obscures its use of that (apparently worrisome) key and now appears to pass through most A/V without trouble. So we are hopeful that this SmartScreen false alarm will disappear soon. In the meantime, PLEASE do not get a copy of this program from any 3rd-party download site, since that one could actually be malicious. If you have any non-Microsoft web browser (Chrome, Firefox, Opera, etc.) you should be able to obtain and use InSpectre without trouble. If you have a friend who is using some other computer (Windows 7 has no problem with this either) ask them to grab it from here and send it to you. Since the program is only 122k (written in assembly language) it's feasible to eMail it.[/i<]

      • Chrispy_
      • 2 years ago

      Honestly, there’s a lot of support for Edge because it’s a step in the right direction, but I still have a low opinion of people who proclaim that Microsoft make decent browsers.

      “Suffer at your own risk” is what I say to IE and Edge users.

      • Redocbew
      • 2 years ago

      This should also make you very worried about the ease with which most A/V scanners can be fooled into giving potentially harmful software a pass.

        • Bauxite
        • 2 years ago

        Yep “ok its obfuscated now so it’ll pass” lol.

    • JustAnEngineer
    • 2 years ago

    Confirmed that my Windows 10 and i7-8700K are both patched. The text of the analysis is nicely reassuring. It’s like reading “Don’t Panic!” in large friendly letters.

    • mikewinddale
    • 2 years ago

    Anyone know if there’s a Linux equivalent for this app? I might try to run it in WINE, but I am skeptical whether the output will be reliable, given the nature and sensitivity of the task.

      • chuckula
      • 2 years ago

      Meltdown is simple: just run [code<]dmesg | grep isolation[/code<] and you should see something like this: [quote<][ 0.000000] Kernel/User page tables isolation: enabled[/quote<] (make sure the entry is present and says "enabled") As for Spectre there's this script: [url<]https://github.com/speed47/spectre-meltdown-checker[/url<] but I make no warranty as to if it is good/bad/otherwise.

        • just brew it!
        • 2 years ago

        I can confirm that KPTI is [u<]disabled[/u<] on my AMD FX-8350 with latest kernel patch from Ubuntu. This seems to be consistent with reports I've been seeing that it is being disabled on AMD CPUs, in line with AMD's claim that they are not vulnerable to Meltdown. Haven't run the Spectre checker script yet. Maybe if we'd known about Meltdown 6 years ago, performance of AMD FX CPUs would've been more competitive with Intel's contemporaneous offerings... 😉

        • notfred
        • 2 years ago

        I took a look through the script and it seems to be doing the kind of things I would expect. I wouldn’t warranty it, but I felt good enough about it to actually run it. My work laptop is immune to Meltdown but vulnerable to both Spectre variants.

    • ludi
    • 2 years ago

    On look, an InSpectre Gadget.

      • Waco
      • 2 years ago

      I groaned, out loud. Have some thumbs because that was perfect.

      • bthylafh
      • 2 years ago

      ಠ_ಠ

      • Chrispy_
      • 2 years ago

      You’ve won at internetting; That’s my favourite pun from this whole debacle so far.

      • drfish
      • 2 years ago

      *in awe*

      • chuckula
      • 2 years ago

      Go Go Gadget upthumb!

      • Mr Bill
      • 2 years ago

      I give it three thumbs up!

    • Freon
    • 2 years ago

    Gigabyte just posted a BIOS update for me, confirmed it fixes Spectre with this tool. Meltdown was already covered.

      • bthylafh
      • 2 years ago

      Asus still hasn’t posted an updated BIOS for my Z370 board.

        • euricog
        • 2 years ago

        Same for my MSI’s Z370, nothing yet

        • Kevsteele
        • 2 years ago

        Which Z370? The ASUS Z370 boards were one of the first to be updated – they released a bunch on the day of the announcement (Jan. 4), and my ROG Strix Z370-E was included.

      • End User
      • 2 years ago

      Motherboard?

        • Freon
        • 2 years ago

        Z170

    • Kretschmer
    • 2 years ago

    Hmm I’m running WIn10 Home on a 7700K; shouldn’t I be patched, already?

      • chuckula
      • 2 years ago

      Meltdown: Yes if you have updated.
      Spectre: That’s a little trickier.

        • Kretschmer
        • 2 years ago

        Interesting. Is the Spectre fix dependent on some party other than Intel and Microsoft? I can’t imagine that a K-series Kaby Lake would be far down the line of CPUs to rectify.

          • barich
          • 2 years ago

          There’s a CPU microcode update required, which is part of your system firmware. Intel has updated the microcode (though there are apparently some stability issues with it), but your system or motherboard vendor has to integrate that into a UEFI/BIOS update and you have to install it.

    • chuckula
    • 2 years ago

    You paid shills deny the fact that Intel knew about these bugs for decades?!?!

    Just look at this website from 1998 that proves they knew!

      • anotherengineer
      • 2 years ago

      Nah, that’s so it loads fast on my 56k modem.

Pin It on Pinterest

Share This