LASER_oneXM

source (bleepingcomputer.com): Apple Releases Security Updates for Spectre CPU Flaw

Apple has released today security updates to mitigate the effects of the Spectre vulnerability that affects processors deployed with Apple devices such as smartphones, tablets, and desktop computers.

The patches mitigate two security bugs (CVE-2017-5753 and CVE-2017-5715) collectively referred to as Spectre.

Apple released macOS High Sierra 10.13.2, iOS 11.2.2, and Safari 11.0.2, all of which include mitigations for Spectre.

The company previously patched the Meltdown flaw (CVE-2017-5753) in December 2017 with the release of iOS 11.2, macOS 10.13.2, and tvOS 11.2.

Meltdown and Spectre are two vulnerabilities that affect almost all modern processors. Meltdown only affects Intel CPUs, while Spectre affects processors from Intel, AMD, and ARM.

Both allow attackers to retrieve data from a device's processor memory, both from the secure area of the kernel, but also from other apps running on the PC.

A Google security expert found these flaws based on his work and by research published by multiple other academics. Google disclosed the existence of these CPU flaws last week.

Shortly after Google's disclosure, Apple issued a press release revealing it secretly patched Meltdown and promised to release security updates to mitigate Spectre this week.

Users should not ignore today's updates as Spectre is the only flaw of the two that can also be exploited remotely, via JavaScript code hidden on a web page.


Linux, Microsoft, Mozilla, Cisco, and many other hardware and software vendors released updates or mitigation advice. You can find a complete list here.
 

Slyguy

Intel is funny, but pathetic. They obviously prepared a huge blitz of positive press for when Meltdown was revealed. In the last 4 days they've released about a dozen press releases on 'positive' things about Intel in attempts to push the negatives off the trending charts. A sampling of those press releases:

  • Intel's New Chips Are More Brain-Like Than Ever
  • Intel just showed off its first self-driving car
  • Ferrari takes Intel racing with three-year partnership
  • Intel Opens Los Angeles Studio for Volumetric VR / AR Video Productions
  • It's Actually an Intel Chip: Rivet Networks Launches the Killer Wireless-AC 1550
  • New Intel Thunderbolt 3 Controllers Add DisplayPort 1.4, Better USB-C Support
  • Intel Officially Launches New 8th Gen Chip With AMD Radeon RX Vega Graphics
 

LASER_oneXM

source (cloudblogs.microsoft.com): Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems

Performance
One of the questions for all these fixes is the impact they could have on the performance of both PCs and servers. It is important to note that many of the benchmarks published so far do not include both OS and silicon updates. We’re performing our own sets of benchmarks and will publish them when complete, but I also want to note that we are simultaneously working on further refining our work to tune performance. In general, our experience is that Variant 1 and Variant 3 mitigations have minimal performance impact, while Variant 2 remediation, including OS and microcode, has a performance impact.

Here is the summary of what we have found so far:

  • With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.
  • With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.
  • With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.
  • Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.
For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation. Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel. We will publish data on benchmark performance in the weeks ahead.
 

plat1098

Right--you know, this is an outrage. There's a loophole to the Microsoft Windows 10 upgrade at the moment that will reportedly close January 16. If Microsoft has any remnants of a heart, it would extend this still further to accommodate those still on Windows7/8/8.1 who would be fleeing these anticipated performance issues. Of course, it's not obligated to do this. But I hope it's happening.
 

LASER_oneXM

source (bleepingcomputer.com): Microsoft: Performance Dip on Old Windows Versions Due Meltdown & Spectre Fixes

"For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation," Myerson said.

"Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel," the Microsoft exec added.

Many saw the slowdowns coming
The slowdowns were to be expected due to the nature of the bugs and the type of patching required to get them fixed. Many described the Meltdown and Spectre vulnerabilities as flaws in the basic design of modern processors, so the patches were expected to cause problems.
...
Similar slowdowns on Linux, AWS

Some of the Meltdown and Spectre mitigations introduced in the Linux kernel caused similar performance dips to the ones now disclosed by Microsoft.
Initial estimations said the Linux Meltdown and Spectre patches would produce between 5% and 50% slowdowns, but further tests and benchmarks proved many claims exaggerated. RedHat cut down the performance penalties on its systems to a range from 1% to 20%.


Over the course of last week, it became apparent that many companies were affected. EpicGames and BranchMetrics both reported issues after applying the Meltdown and Spectre patches.

Many companies should expect their AWS cloud computing bill to go up because it now takes more time to process the same amount of data.
 

XhenEd

I was planning to buy a new lappy this year. Oh well... :cry:

But, I'm still gonna buy one. I don't have the patience to wait for more than a year just to have a non-vulnerable (Meltdown and/or Spectre) CPU. :LOL:

I'm planning to buy an affordable AMD Ryzen-powered laptop. If not, then there's always Intel's. :p
 

DeepWeb

So.. I ran some benchmarks on my laptop and my computer is actually faster than it has ever been before? I have an Intel i7 4700MQ. Go figure. I installed the Windows update and the Intel microcode update however, waiting for HP to provide the last piece and then we will know for sure. Maybe Intel and Microsoft were smart enough to bundle the performance downgrade with some optimizations?
 

509322

I was planning to buy a new lappy this year. Oh well... :cry:

But, I'm still gonna buy one. I don't have the patience to wait for more than a year just to have a non-vulnerable (Meltdown and/or Spectre) CPU. :LOL:

I'm planning to buy an affordable AMD Ryzen-powered laptop. If not, then there's always Intel's. :p
I heard rumors that AMD will raise Ryzen prices due to the "Intel scandal." LOL

i9 is so slow to ship, it will be another year. Intel will be pushing i7-8XXX for another year, maybe two before we start seeing i9s in retail store systems at anything near prices non-enthusiasts will be willing to pay. I have yet to hear of an OEM production i9 laptop.
 

509322

Nothing would surprise me.

It doesn't surprise me that people are freaking out about this one either. They have no frame of reference. There are "bad or not good or just there - dependent upon your point of view" vulnerabilities that Microsoft, OEMs and hardware manufacturers have left in their products for years. People just aren't aware of those... even though they have been reported or mentioned from time to time in the press.
 

Deleted member 178

Nothing would surprise me.

It doesn't surprise me that people are freaking out about this one either. They have no frame of reference. There are "bad or not good or just there - dependent upon your point of view" vulnerabilities that Microsoft, OEMs and hardware manufacturers have left in their products for years. People just aren't aware of those... even though they have been reported or mentioned from time to time in the press.
Yes it was I said above, this one was over-reported, so people freaked out and press don't even mention/know that this can be mitigated in many ways.
 

XhenEd

I heard rumors that AMD will raise Ryzen prices due to the "Intel scandal." LOL

i9 is so slow to ship, it will be another year. Intel will be pushing i7-8XXX for another year, maybe two before we start seeing i9s in retail store systems at anything near prices non-enthusiasts will be willing to pay. I have yet to hear of an OEM production i9 laptop.
If not AMD Ryzen, I would just go for Intel Core i5. :D I don't consider buying i9, heck even i7. :D
My reason for going for Ryzen is not so much about the vulnerability (I know Ryzen is affected by Spectre), but really I just want to feel the hype about the new chip. :D
 

LASER_oneXM

So.. I ran some benchmarks on my laptop and my computer is actually faster than it has ever been before? I have an Intel i7 4700MQ. Go figure.
... good idea: I also want to benchmark my machines before installing those terrible MS patches.....
Unfortunately I don't have any idea which benchmark software I should use...
...could any one of you guys please post a download link...? :)