Archive

Posts Tagged ‘Security’

Microsoft: Meltdown / Spectre – additional information – Performance

Guidance on how to check and enable or disable these mitigations can be found here:

Windows Server, version 1709 (Server Core Installation): 4056892

Windows Server 2016: 4056890

Windows Server 2012 R2: 4056898

Windows Server 2012: Not available

Windows Server 2008 R2: 4056897

Windows Server 2008: Not available

Windows 10 (RTM, 1511, 1607, 1703, 1709): available with 01/2018 CU

Windows 8.1: available with 01/2018 CU

Windows 7 SP1: available with 01/2018 CU

    Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems:

    https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/

    Protect your Windows devices against Spectre and Meltdown:

    https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown

    Windows operating system security update block for some AMD based devices

    https://support.microsoft.com/en-us/help/4073707/windows-os-security-update-block-for-some-amd-based-devices

    Additional guidance to mitigate speculative execution side-channel vulnerabilities:

    https://blogs.technet.microsoft.com/configurationmgr/2018/01/08/additional-guidance-to-mitigate-speculative-execution-side-channel-vulnerabilities/

    ConfigMgr Speculation Control Baseline FTW!

    https://blogs.technet.microsoft.com/configmgr_geek_speak/2018/01/09/configmgr-speculation-control-baseline-ftw/

    Performance:

    Here is the summary of what we have found so far:

    • With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.
    • With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.
    • With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.
    • Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

    Analyse zur Prozessorlücke: Meltdown und Spectre sind ein Security-Supergau:

    https://www.heise.de/newsticker/meldung/Analyse-zur-Prozessorluecke-Meltdown-und-Spectre-sind-ein-Security-Supergau-3935124.html

    Meltdown und Spectre: Die Sicherheitshinweise und Updates von Hardware- und Software-Herstellern:

    https://www.heise.de/newsticker/meldung/Meltdown-und-Spectre-Die-Sicherheitshinweise-und-Updates-von-Hardware-und-Software-Herstellern-3936141.html

    Patch gegen Spectre: Aktualisierte Nvidia-Grafiktreiber für GeForce und Quadro, Tesla-Treiber später

    https://www.heise.de/newsticker/meldung/Patch-gegen-Spectre-Aktualisierte-Nvidia-Grafiktreiber-fuer-GeForce-und-Quadro-Tesla-Treiber-spaeter-3937247.html

    Apple fixt Spectre in iOS 11 und macOS 10.13:

    https://www.heise.de/mac-and-i/meldung/Apple-fixt-Spectre-in-iOS-11-und-macOS-10-13-3936383.html

    Weißes Haus: NSA wusste nichts von Computerchip-Schwachstelle

    https://www.heise.de/security/meldung/Weisses-Haus-NSA-wusste-nichts-von-Computerchip-Schwachstelle-3935329.html

    Scripted Command Line OffCAT Scan

    Understanding Meltdown & Spectre: What To Know About New Exploits That Affect Virtually All CPUs

    https://www.powershellgallery.com/packages/SpeculationControl/1.0.2

    https://www.anandtech.com/show/12214/understanding-meltdown-and-spectre

    Meltdown and Spectre: A closer look at the recent CPU security flaws and how to protect yourself

    https://www.onmsft.com/news/meltdown-and-spectre-a-closer-look-at-the-recent-cpu-security-flaws-and-how-to-protect-yourself

    Microsoft responds to AMD and Intel processor exploits, now rolling out emergency fix:

    https://www.onmsft.com/news/microsoft-responds-to-amd-and-intel-processor-exploits-now-rolling-out-emergency-fix

    Microsoft to release emergency Windows Update to address Intel, AMD processors security concerns

    https://www.onmsft.com/news/microsoft-to-release-emergency-windows-update-to-address-intel-amd-processors-security-concerns

    KB4056892 bugs: Install fails, browser crashes, PC freezes, and more

    http://windowsreport.com/kb4056892-issues/

    Microsoft releases PowerShell script to check if your PC is vulnerable to Meltdown and Spectre:

    https://betanews.com/2018/01/05/microsoft-powershell-meltdown-spectre-script/

    Verifying Spectre / Meltdown protections remotely:

    https://blogs.technet.microsoft.com/ralphkyttle/2018/01/05/verifying-spectre-meltdown-protections-remotely/

    Lawsuits stack up against Intel over Meltdown and Spectre bugs:

    https://betanews.com/2018/01/05/intel-meltdown-spectre-lawsuits/

    Google answers your questions about Meltdown and Spectre vulnerabilities:

    https://www.blog.google/topics/google-cloud/answering-your-questions-about-meltdown-and-spectre/

    https://www.onmsft.com/news/intel-plans-to-patch-90-of-processors-from-past-5-years-by-the-end-of-next-week

    https://newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/

    Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems:

    https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/

    Security Updates from the Win10 Fall Creators Update

    https://blogs.technet.microsoft.com/askpfeplat/2017/12/11/security-updates-from-the-win10-fall-creators-update/

    The FCU security updates I would like to discuss are:

    Exploit Guard

    • Exploit Protection
    • Attack Surface Reduction
    • Controlled Folder Access
    • Network Protection

    Application Guard

    Office 365 Advanced Threat Protection for SharePoint, OneDrive and Microsoft Teams now available

    Microsoft is extending support for Windows 10 version 1511 by six months

    https://blogs.technet.microsoft.com/windowsitpro/2017/11/14/progressing-windows-as-a-service/

    https://www.neowin.net/news/microsoft-is-extending-support-for-windows-10-version-1511-by-six-months

    Windows 10 v1511 EOL: April, 2018

    These updates will be available to anyone using Windows 10 Enterprise, version 1511 or Windows 10 Education, version 1511. Updates will be offered via all normal channels, including Windows Update, WSUS, Configuration Manager, and the Windows Update catalog.

    Demystifying Schannel