Advice Request Chip vulnerabilities and Emsisoft: What you need to know

  • Thread starter Deleted member 178
  • Start date

Please provide comments and solutions that are helpful to the author of this topic.

Do you worry about those vulnerabilities?

  • Yes

    Votes: 15 46.9%
  • No

    Votes: 17 53.1%

  • Total voters
    32
Status
Not open for further replies.
D

Deleted member 178

Thread author
On January 2nd, a major security vulnerability affecting Intel and other chipmakers came to light. These flaws, which were discovered much earlier by several researchers but kept under a non-disclosure agreement to allow time to coordinate a proper response, could allow potential exploits to access sensitive system memory information without permission.

As a result, all major tech companies including Intel, AMD, ARM, Microsoft, Google and Amazon are rushing to provide emergency patches before these vulnerabilities, dubbed Meltdown and Spectre, can be exploited by malicious programs and cause widespread harm.

But what makes these vulnerabilities so dangerous, how can you you ensure your devices will be protected, and what is Emsisoft doing to keep its customers safe?

Read more here


Important note from our lead developer for multi-AV users:

Fabian Wosar said:
Emsisoft Anti-Malware is compatible with the Windows update. We also just published an update that sets the compatibility flag for all users of the beta, stable and delayed update feed. Keep in mind, that Microsoft uses the same flag for all anti-virus vendors. That means if you are using multiple anti-viruses or anti-malware applications, you are risking one of those products, like Emsisoft Anti-Malware, flagging the system as compatible, even though one of your other products is not compatible. There is, unfortunately, nothing we can do to prevent this as Microsoft does not account for the scenario of multiple security products being installed on the same system. This is the perfect example why we are recommending against using multiple security products in parallel. For further information, feel free to stop by our blog.
 

Faybert

Level 24
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
This update (KB4056892) from January 3 came to me only on a machine mine, which I have installed Emsisoft Anti-Malware, but for my second computer has not yet arrived in Windows Update, in which I have G Data Antivirus installed, this means that G Data is not yet compatible with this emergency update?
 
D

Deleted member 178

Thread author
This update (KB4056892) from January 3 came to me only on a machine mine, which I have installed Emsisoft Anti-Malware, but for my second computer has not yet arrived in Windows Update, in which I have G Data Antivirus installed, this means that G Data is not yet compatible with this emergency update?
i have one machine without any 3rd party AV , and it doesn't get the update...
 

Emsisoft

From Emsisoft
Verified
Developer
Jul 27, 2013
42
MS doesn't determine if a product is actually incompatible or not. They simply assume that all AVs are not compatible and require them to publish a new version that sets a specific registry key that confirms compatibility and unlocks the Windows update. So all we had to do was add a few lines of code to set the registry key and compile a new build. MS approached us with that new requirement a few days ago and didn't let us more than a few hours to react before they published the update and made the relevant information public.

Those AVs that really crash when the update is installed are probably in big trouble now, as they may have to change their entire product core code for compatibility. Those with annual software release cycles and long testing periods may require quite a bit of time to publish new versions that unlock the Windows update.
 

CMLew

Level 23
Verified
Well-known
Oct 30, 2015
1,251
Let say I didn't patch the fixes. But I install EAM or anti-exe or SRP or HIPS. Will this vulnerability still pose a big threat?

I did some quick read on this Meltdown and Spectre thingy. What I understand this vulnerability will cause the malicious program to infect my system. Hence if the malicious program is contained/eliminated/blocked; thus will this vulnerability have no impact?
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
Well, this is not good news about the vulnerability of processors. But who is qualified to take advantage of this vulnerability. I think only a few can do it. that's why I'm calm.
 

boredog

Level 9
Verified
Jul 5, 2016
416
Does this MS patch just effect AV's or does it effect other security software as well, like Appguard, Voodooshield, Shadow Defender? I posted a few days ago how Shadow Defender was broken with latest insider build I got not all that many days ago.
 

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Has any EAM user received the recent Windows updates via automatic Windows update? Even though the registry key is set to mark that my machine is compatible and I have no other issues it is still being blocked. Stuck on Windows 10 1709 build 16299.125. I know I can update via the Update catalog but I am just curious how many of us have received the update automatically.

Update: I found the issue. My hosts file was blocking Windows update servers. If you use Steven Black's Hosts file, delete it, then check for updates again.
 
Last edited:
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top