ParaXY

Level 6
Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?
 

SHvFl

Level 35
Verified
Trusted
Content Creator
As long as nothing with a code that tries to exploit meltdown/spectre runs on your system then you are protected. So if appguard or any anti exe, anti malware, antivius, srp, god himself stops the payload you are ptotected and if not you are not protected. Not going to go into details when it stops and when it doesn't because as a user you should already know that.
 

shmu26

Level 83
Verified
Trusted
Content Creator
Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?
Aside from what @SHvFl already said, you should see to it that your browser is protected. If Firefox, it needs the recent update. If Edge, it needs the recent Microsoft update. If Chrome, you should go and enable the flag for strict site isolation.

The idea is to block the attack vectors. AppGuard is blocking execution of files in user space. Your browser is protecting you from web exploits. And so far, there are no reports of other attack vectors, AFAIK.
 

SHvFl

Level 35
Verified
Trusted
Content Creator
Aside from what @SHvFl already said, you should see to it that your browser is protected. If Firefox, it needs the recent update. If Edge, it needs the recent Microsoft update. If Chrome, you should go and enable the flag for strict site isolation.

The idea is to block the attack vectors. AppGuard is blocking execution of files in user space. Your browser is protecting you from web exploits. And so far, there are no reports of other attack vectors, AFAIK.
Hmm you are correct. Didn't expect Chrome to be slacking so much and patch 3 weeks later. Worse idea ever.
 
5

509322

Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?
I haven't been following it.

Meltdown and Spectre are vulnerabilities (Meltdown and Spectre). You have to apply mitigation patches as required by the hardware\firmware and\or BIOS. There are also program patches\modifications to be made per the publishers. For example, the Google Chrome browser set flag for strict site isolation. I don't have a complete list of everything that needs to be done. That will get all sorted out over the coming months by Intel, Microsoft, the OEMs and the various publishers. Expect stuff being said now to be revised in the coming months.

AppGuard is SRP. AppGuard is not anti-exploit. Even an anti-exploit product is not going to protect an unpatched Meltdown\Spectre system -- something you guys just aren't getting.
 
Last edited by a moderator:
5

509322

I did not notice any slowdown in Chrome after enabling the flag.
It just uses more memory. That is why Google states the flag is not enabled by default. It's not a CPU utilization issue, but a memory consumption issue. Systems with already insufficient RAM will have further degraded performance. Those with limited RAM right on the edge will be pushed right over.
 
Last edited by a moderator:

shmu26

Level 83
Verified
Trusted
Content Creator
It just uses more memory. That is why Google states the flag is not enabled by default. It's not a CPU utilization issue, but a memory consumption issue. Systems with already insufficient RAM will have further degraded performance. Those with limited RAM right on the edge will be pushed right over.
Yeah, when I used to see about 650-700 mb Ram usage for Chrome, now I see around 850 mb. If I only had 4 gb Ram, I would not be happy about that.
 
  • Like
Reactions: meltcheesedec
P

pupbuster

This might help you
image.png.573258b219632358b4b1d37dc6964d4d.png
.
 
Last edited by a moderator: