Advice Request AppGuard + Spectre/Meltdown

Please provide comments and solutions that are helpful to the author of this topic.

ParaXY

Level 6
Thread author
Verified
Mar 14, 2017
273
Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
As long as nothing with a code that tries to exploit meltdown/spectre runs on your system then you are protected. So if appguard or any anti exe, anti malware, antivius, srp, god himself stops the payload you are ptotected and if not you are not protected. Not going to go into details when it stops and when it doesn't because as a user you should already know that.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?
Aside from what @SHvFl already said, you should see to it that your browser is protected. If Firefox, it needs the recent update. If Edge, it needs the recent Microsoft update. If Chrome, you should go and enable the flag for strict site isolation.

The idea is to block the attack vectors. AppGuard is blocking execution of files in user space. Your browser is protecting you from web exploits. And so far, there are no reports of other attack vectors, AFAIK.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
Aside from what @SHvFl already said, you should see to it that your browser is protected. If Firefox, it needs the recent update. If Edge, it needs the recent Microsoft update. If Chrome, you should go and enable the flag for strict site isolation.

The idea is to block the attack vectors. AppGuard is blocking execution of files in user space. Your browser is protecting you from web exploits. And so far, there are no reports of other attack vectors, AFAIK.
Hmm you are correct. Didn't expect Chrome to be slacking so much and patch 3 weeks later. Worse idea ever.
 
5

509322

Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?

I haven't been following it.

Meltdown and Spectre are vulnerabilities (Meltdown and Spectre). You have to apply mitigation patches as required by the hardware\firmware and\or BIOS. There are also program patches\modifications to be made per the publishers. For example, the Google Chrome browser set flag for strict site isolation. I don't have a complete list of everything that needs to be done. That will get all sorted out over the coming months by Intel, Microsoft, the OEMs and the various publishers. Expect stuff being said now to be revised in the coming months.

AppGuard is SRP. AppGuard is not anti-exploit. Even an anti-exploit product is not going to protect an unpatched Meltdown\Spectre system -- something you guys just aren't getting.
 
Last edited by a moderator:
5

509322

I did not notice any slowdown in Chrome after enabling the flag.

It just uses more memory. That is why Google states the flag is not enabled by default. It's not a CPU utilization issue, but a memory consumption issue. Systems with already insufficient RAM will have further degraded performance. Those with limited RAM right on the edge will be pushed right over.
 
Last edited by a moderator:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
It just uses more memory. That is why Google states the flag is not enabled by default. It's not a CPU utilization issue, but a memory consumption issue. Systems with already insufficient RAM will have further degraded performance. Those with limited RAM right on the edge will be pushed right over.
Yeah, when I used to see about 650-700 mb Ram usage for Chrome, now I see around 850 mb. If I only had 4 gb Ram, I would not be happy about that.
 
  • Like
Reactions: meltcheesedec
P

pupbuster

This might help you
image.png.573258b219632358b4b1d37dc6964d4d.png
.
 
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top