{"id":11135,"date":"2018-01-16T12:30:03","date_gmt":"2018-01-16T20:30:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/01\/16\/news-4906\/"},"modified":"2018-01-16T12:30:03","modified_gmt":"2018-01-16T20:30:03","slug":"news-4906","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2018\/01\/16\/news-4906\/","title":{"rendered":"InSpectre: See whether your PC's protected from Meltdown and Spectre"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Tue, 16 Jan 2018 11:16:00 -0800<\/strong><\/p>\n

If you\u2019re wondering whether your computer is susceptible to the latest b\u00eate noir<\/em>, Meltdown and Spectre, you can take the official Microsoft patch and, after a suitable amount of technical drudgery, come away with a result that doesn\u2019t answer much. Or you can try Steve Gibson\u2019s new InSpectre and \u2013 with suitable caveats \u2013 see some meaningful results and a few hints about catching up.<\/p>\n

Microsoft has a complex PowerShell script<\/a> that details your machine\u2019s exposure to the Meltdown and Spectre security flaws<\/a>. Running that script on all but the simplest and most up-to-date systems turns into a hair-pulling exercise, and the results are coated in 10 layers of technical gobbledygook.<\/p>\n

Here\u2019s what I mean. I just ran version 1.0.4 of the SpeculationControl Validation PowerShell script<\/a> on my main computer and, after crossing my fingers and allowing \u201csoftware from this untrusted publisher\u201d to run, came up with the enlightening analysis shown in the screenshot below.<\/p>\n

Microsoft’s\u00a0SpeculationControl Validation PowerShell script results aren’t exactly easy to decipher.<\/p>\n

I\u2019m loathe to install any Windows updates right now, given their current dicey state, and my go-to production machine has an AMD processor. That combo produces a SpeculationControl rating that\u2019s 100% bad.<\/p>\n

Then I ran Steve Gibson\u2019s just-released InSpectre scanner<\/a>, and I got the overall report shown in this screenshot.<\/p>\n

InSpectre scanner offers\u00a0meaningful results that help users understand whether their PC is vulnerable.<\/p>\n

That matches my experience with this machine and, in looking at numerous other reports, I\u2019d say that Gibson has pretty much nailed it.<\/p>\n

InSpectre\u2019s a new program (less than 24 hours old at this point), and it\u2019s driving antivirus scanners crazy. I\u2019ve seen at least one notice<\/a> that Kaspersky Antivirus flags the download as a \u201cHeuristic\u201d Trojan. There are additional warnings from VirusTotal, Panda and Sophos. They\u2019re all false positives. If you download InSpectre from Steve Gibson\u2019s site, it\u2019s clean.<\/p>\n

To be sure, it\u2019s a \u201cversion 1.0\u201d product and, as Gibson says:<\/p>\n

We did not wish to delay this application’s release while building additional confidence in its conclusions and output. It has been carefully tested under as many different scenarios as possible. But new is new, and it is new. We may well have missed something. So please use and enjoy InSpectre now. But you may wish to check back in a few days to see whether we may have found and fixed some last bits of debris.<\/p>\n

If you\u2019re not particularly interested in taking a graduate level course in Windows translation lookaside buffers and context switches, InSpectre can help. I\u2019ve also just discovered a free Meltdown\/Spectre checker from German software vendor Ashampoo. The results from their Spectre Meltdown CPU Checker<\/a> match that from InSpectre on my machines.<\/p>\n

I continue to recommend that you hold off on this month\u2019s patches<\/a>\u00a0\u2013 that includes Windows patches, .NET patches, firmware patches, and more \u2013 but you should disable Equation Editor if you\u2019re in the habit of Enabling Edits on spurious Word documents. See my post <\/a>from last week, but also note 0patch has just released a fix that specifically plugs the Equation Editor security holes<\/a>.<\/p>\n

There are no known exploits for Meltdown or Spectre in the wild, although some are in development. (It\u2019s feasible that nation states have been using either or both for decades!) For regular Windows users, the most likely infection vector, when it arrives, will be via a web browser, and those are getting patched quickly.<\/p>\n

Wait until the dust settles on this month\u2019s patches before you install something that could clobber or cripple your machine.<\/p>\n

Share your InSpectre insights on the <\/i>AskWoody Lounge.<\/i><\/a><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Tue, 16 Jan 2018 11:16:00 -0800<\/strong><\/p>\n

\n
\n

If you\u2019re wondering whether your computer is susceptible to the latest b\u00eate noir<\/em>, Meltdown and Spectre, you can take the official Microsoft patch and, after a suitable amount of technical drudgery, come away with a result that doesn\u2019t answer much. Or you can try Steve Gibson\u2019s new InSpectre and \u2013 with suitable caveats \u2013 see some meaningful results and a few hints about catching up.<\/p>\n

Microsoft has a complex PowerShell script<\/a> that details your machine\u2019s exposure to the Meltdown and Spectre security flaws<\/a>. Running that script on all but the simplest and most up-to-date systems turns into a hair-pulling exercise, and the results are coated in 10 layers of technical gobbledygook.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[13764,714,10761],"class_list":["post-11135","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-pcs","tag-security","tag-windows-10"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11135","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11135"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11135\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11135"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11135"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11135"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}