A critical flaw was found in all Intel processors launched in the past decade. The vulnerability can allow an attacker to gain access to protected kernel memory. This chip-level security flaw cannot be fixed with a CPU microcode (software) update. Instead, it requires modification of the OS kernel. Earlier today, Microsoft released security patches for Windows 10. The appropriate patches are now available for Windows 7 and Windows 8.1.
Here are some details.
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.
Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre. Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.
Refer to these web sites:
Patches have already been released for Windows 10, Linux and macOS. Now, the same updates are available for Windows 7 and Windows 8.1.
Download CPU flaw fixes
Also, the updates can be downloaded from the Windows Update catalog.
An unfortunate consequence of this security vulnerability is that its patches are expected to slow down all devices anywhere between 5 to 30 percent depending on the processor and software being used. Even ARM and AMD CPUs may get performance degradation due to fundamental changes in how the OS kernel works with memory. According to Intel, processors with PCID / ASID (Skylake or newer) will have less performance degradation.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
Hmmm
OK I have a choice here: either I except that I can never again connect my computer to the internet or I can except a 30% slowdown. Since it is impossible to maintain or update my software without some sort of connection to the internet, either direct or indirect I have no choice but to accept a 30% reduction in performance. That sounds an awful lot like Intel sold me a defective computer chip. Therefore I would like to know how to begin a class action suit against intel….
Just burn a linux boot onto a usb stick and when you need to turn on your network adapter for anything in windows that isnt steam, battlenet or the like or an online multiplayergame then restart and boot from the stick and do it in linux then go back to windows for gaming. I already can hit %100 cpu in some newer games I play such as battlefront 2 at points, especially on crait map, so I have no choice but to not install this patch until I get a new processor , which requires a new board and actually new ram as well in my case right after bspending $500 on a gpu and $150 on a power supply and then missing a couple of bills lol. Guess in 2 to 3 weeks, I will be pirating everything i consume in linux form a usb stick then booting back into windows to play the movies and install the games (from standard trusted priate sources) and I’ll even have to pirate indie games for a month or two which I pay for usually. At least until i get a decent new build setup that could soak up this patch’s hit. definitely gonna buy a ryzen now, instead of one of the newer intels I had my eyes on. i won’t reward them for this major pain in my azz especially with it’s horrible timing when it comes to expenses.
at least you have class action in your country!
Oh my god! Thank you
Interestingly, KB4056897 (for Windows 7) doesn’t seem to be appearing for me on Windows Update, only KB4056894 (the monthly rollup). Is there any way to tell whether KB4056897 is included in KB4056894? Or am I not being recommended KB4056897 because I don’t have an Intel processor?
To be honest, I don’t know.
I haven’t updated my machines yet.
Mostly because I have double-boot configurations here.
Says update not applicable on a core2duo laptop.
Win 7 pro sp1 x64
Weird, pretty sure it is affected
The performance slowdown looks to be only 3% as tested by a serious gamer: https://overclock3d.net/reviews/software/windows_10_meltdown_spectre_patch_performance_impact_assessment/11
Performance degradation affects mainly enterprise servers and software.
Home/small office users are likely not have any impact on performance at all.
In later patches, there is a significant performance degradation for Windows 7 and 8.1: https://msfn.org/board/topic/177526-windows-81-patch-performance-findings-not-surpisingly-the-latest-patches-are-costly/?page=1 . Don’t apply these patches right away, nobody is exploiting the vulnerabilities anyway. I am keeping my 7 and 8.1 system free of these speed killing patches. Only for the very newest CPUs (Ice Lake) and Windows 10 19H1 where these mitigations are integrated, so you have no choice you can’t escape them, otherwise you lose performance.