Quantcast
[ 3 / biz / cgl / ck / diy / fa / g / ic / jp / lit / sci / tg / vr / vt ] [ index / top / reports / report a bug ] [ 4plebs / archived.moe / rbt ]

Due to resource constraints, /g/ and /tg/ will no longer be archived or available. Other archivers continue to archive these boards.Become a Patron!

/g/ - Technology


View post   

[ Toggle deleted replies ]
File: 32 KB, 410x266, needful.jpg [View same] [iqdb] [saucenao] [google] [report]
64141987 No.64141987 [Reply] [Original] [archived.moe] [rbt]

Attention WINTEL USERS. After you install the MELTDOWN patch you need to ENABLE IT to make it come into effect:

>Customers need to enable mitigations to help protect against speculative execution side-channel vulnerabilities.

>Enabling these mitigations may affect performance. The actual performance impact will depend on multiple factors such as the specific chipset in your physical host and the workloads that are running. Microsoft recommends customers assess the performance impact for their environment and make the necessary adjustments if needed.

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

>> No.64142009

>>64141987
post the fucking link again, it seems cut off

>> No.64142028

HAAHAHA. It won't slow down your PC Intel said. It sure won't. It's not even activated. My fucking sides.

>> No.64142030

>>64142009

That's the link, blame microshit, stupid.

>> No.64142040
File: 804 KB, 1920x1080, 1512115679449.jpg [View same] [iqdb] [saucenao] [google] [report]
64142040

>>64141987
my sides, microshit is even reluctant to turn the shit on

>> No.64142082

That is for servers. Usually on servers you don't run foreign / untrusted code, or if you do its already fucked. Having it on manual enable on servers is understandable.

>> No.64142091

>>64141987
don't update

It's a scam to make you upgrade your rig and buy new chips


They are targeting future proof rigs to make money.

I won't update unless I get a free £4000

Compensation rig


If you have two factor authentication on everything your stuff is safe

Fuck paying for hardware after the first rig

>> No.64142140

>>64142082
Why even bother using anything but root then on the server?

>> No.64142144
File: 1.29 MB, 1373x5531, 234.png [View same] [iqdb] [saucenao] [google] [report]
64142144

>>64142009

>> No.64142158

>>64142144
It's been so long since I've tinkered in the registry. How do you add those to the registry again?

>> No.64142184

>>64142144
Isn't that just for servers rather than home computers

>> No.64142190

Oh wait this bug only affects cloud server faggots?

Ok have fun losers

>> No.64142304

>>64141987
My understanding is that it's enabled by default on client OS's and disabled by default on server OS's.

Obviously if you're running untrusted code on your servers, you have bigger problems.

>> No.64142429

>>64142304

No it's disabled by default in all cases.

>> No.64142452

>>64142429
This post from Microsoft themselves says otherwise >>64142144

>> No.64142454

wait is this a windows update or what? my windows 10 ))) wants to update

>> No.64142607

>>64142452

>intelligence level of windows user

Think again stupid.

>> No.64142635

>>64142607
>>64142452
>>64142144
>enabling protection on servers
>protection on servers
>on servers
>servers

Please go back to shilling for amd

>> No.64142663

>>64142635

Enjoy getting rekt, moron.

>> No.64142682

>>64141987
>Windows actually giving customers a choice in the matter
Well that is honestly surprising.

>> No.64142721

>>64142663
Enjoy your amd vulnerabilities

>> No.64142757

Im eurofag why haven't I gotten the patch?

>> No.64142781

>>64142757
for the same reason you're never ever getting the 1 billion euros from Intel when EU won the lawsuit in 2009

>> No.64142802

>Tricking the cpu

>> No.64142833

>>64142802
https://www.youtube.com/watch?v=zNqcuzUleNQ

>> No.64142895

I wasn't pushed the update through win 10 update but i manually installed the update through microsoft's website.
I'm not really sure if the fix is activated though based on this thread. Is manual activation only required for servers or for everybody?

>> No.64142962

>>64142895
Read the fucking page OP posted and see if the process has any effect

>> No.64143061
File: 55 KB, 1598x1460, powershell_2018-01-04_04-07-04.png [View same] [iqdb] [saucenao] [google] [report]
64143061

>>64142962
it was pretty much worthless. i added the keys and did the powershell stuff to the best of my ability but this is all that happened.

>> No.64143080

Where is patch for windows 8 ?

>> No.64143111

>>64142144
Where is the LTSB update fug

>> No.64143257

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4056897

What the fuck, I'm getting security errors on both Firefox and Chrome and can't download the update. Does the URL above work for you?

>> No.64143301
File: 29 KB, 633x758, 1470793099143.png [View same] [iqdb] [saucenao] [google] [report]
64143301

>>64142781
Fug how do I house refugees now???

>> No.64143327

The patch has only been out for a few hours and already its not working for most users, I'll definitely be backing up my copy of 8.1 before attempting the update once it comes out.

And could we PLEASE get a conclusive answer as to whether you need to edit the registry to active the patch? I can foresee this going wrong for lots of people.

>> No.64143387

The fix does not need to be manually activated. Kind of defeats the entire purpose of a patch doesn't it?

Stop believing fake news.

>> No.64143390

>>64143257
Okay it works now, I wonder what the fuck is Microsoft doing fucking with the SSL certificates at a time like this.

>> No.64143410

>>64143257
>>64143390
I myself can't reach it now.

>> No.64143427

>>64143410
The Update Catalog is a giant piece of shit so maybe they're having trouble handling many connections at once for this.

>> No.64143456

>>64143061
Yo anon, just type in

powershell.exe -ExecutionPolicy Unrestricted

and re-run the Get-Spec command.

>> No.64143458

I want to disable it on the desktop, how to?

>> No.64143478

>>64143387
It has to be manually activated for servers. For desktop, installing KB4056897 should be enough.

Alex Ionescu has released a tool to check if your Windows is affected by Meltdown and Spectre: https://ionescu007.github.io/SpecuCheck/

So you can check you're no longer vulnerable to Meltdown once you've applied the update.

>> No.64143546

>>64141987
>windows server
itt: retards who can't read

>>64143458
just don't install it

>> No.64143575

>>64143478
>no precompiled binaries, just a visual studio project file
Lazy fuck.

>> No.64143583

>>64143575
https://github.com/ionescu007/SpecuCheck/releases

>> No.64143600

>>64143583
Thanks.

>> No.64143617

>>64143546
i'm sure it will install on its own if I shut the pc off
welcome to windows 10

>> No.64143630
File: 12 KB, 455x310, specucheck.png [View same] [iqdb] [saucenao] [google] [report]
64143630

This is how it looks for me after installing KB4056897 on Windows 7 x64 with an i5-2500K.

>> No.64143722
File: 93 KB, 1560x1400, powershell_2018-01-04_04-58-36.png [View same] [iqdb] [saucenao] [google] [report]
64143722

>>64143456
thanks anon,
this is the new result. i'll check that MS page try to decipher its meaning.

>> No.64143793

>>64143546

Fake news, you need to manually enable it via registry on all versions of windows.

>> No.64143797

>>64143722
You have a newer Intel processor (KVA Shadow required + PCID Enabled flags) and the Meltdown bug is patched. But, you should check your registry for the Spectre exploit being enabled etc

>> No.64143827
File: 122 KB, 1560x1400, powershell_2018-01-04_05-04-36.png [View same] [iqdb] [saucenao] [google] [report]
64143827

>>64143722
not really sure where i went wrong. it does seem that the injection mitigation has to be manually enabled. i've tried to run microsoft's registry edit in a few ways but short of trying to plug their key directly into registry editor and manually adding the entry i'm not sure what i'm doing wrong to enable it. i'm surprised they made it this tedious.

>> No.64143835

>>64143827
psst, this is windows. Have you tried rebooting?

>> No.64143838

So, this shit is installing on my win10 right now. How do i disable it after that since i have ryzen and it's not a server, so it'll be active by default. I heard it could be done through registry, but what keys?

>> No.64143840

>>64143722

According to OP link, this is what it should say when the mitigation is enabled:



PS C:\> Get-SpeculationControlSettings

Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is enabled: True



Speculation control settings for CVE-2017-5754 [rogue data cache load]



Hardware requires kernel VA shadowing: True

Windows OS support for kernel VA shadow is present: True

Windows OS support for kernel VA shadow is enabled: True

Windows OS support for PCID optimization is enabled: True

>> No.64143854

>>64143838

It's not enabled by default.

>> No.64143886

>>64143838
No way to disable it on non-server Windows. But if you don't patch, you'll end up paying the price, this is pretty serious.

>>64143854
It's not enabled by default only on Windows Server. Regular Windows 7/8/10 receive a different update which enables the mitigation by default.

>> No.64143888

>>64143257

>can't download the patch
>obscure documentation not clear whether patch is enabled anyway
>have to regedit to enable it

Microshit windaids.

>> No.64143910

>>64143886

Stop lying, it's NOT ENABLED BY DEFAULT ON ANY WINDOWS. See this guy? >>64143722 Windows 10 Not enabled by default.

>> No.64143916

>Install-Module SpeculationControl
>"The 'Install-Module' command was found in the module 'PowerShellGet', but the module could not be loaded"
>Set-ExecutionPolicy Unrestricted
>same shit
>turns out I need Powershell 5 which is from WMF 5.0 update
>ok
>download and install KB3134758
>restart
>applying updates,restarts
>updates failed :o, rolling back
>no idea why, meet all requirements for installing it

god damn im tired of this shit

>> No.64143935

>>64143910
That guy is for some reason following Windows Server instructions from the OP.

>> No.64143938

It's not illegal if the user decides himself to slow down the computer. Genious!

>> No.64143945

Windows 10 patch here

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892

>> No.64143962

>>64143935

The guy ran the powershell check which shows that it's not enabled by default. You must be an incuck shill here to trick people into not enabling the CPU crippling "hotfix".

>> No.64143965
File: 12 KB, 343x269, specucheck.png [View same] [iqdb] [saucenao] [google] [report]
64143965

I am not crippled, right?

>> No.64144030
File: 21 KB, 642x392, SpecuCheck.png [View same] [iqdb] [saucenao] [google] [report]
64144030

>>64143965

RTFM from https://github.com/ionescu007/SpecuCheck

Pic related, mitigation enabled.

>> No.64144042

>>64143965
youre fucked

>> No.64144071

>>64144042
Why? I'm not a inteltoddler to be affected by meltdown.

>> No.64144076
File: 2 KB, 312x181, screenshot.3.png [View same] [iqdb] [saucenao] [google] [report]
64144076

>>64144030
Looks like I'm in the clear.
I did not apply the registry updates either, as they are for Windows Server only.

>> No.64144090

>>64143722
I haven't been able to enable OS suport for branch target injection mitigation but the 5th line that reads:
>Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True
Seems to mean that injection mitigation won't enable at all without the hardware support (BIOS update patch, obviously unreleased)
So I'm not sure I will be able to enable the patch, and this would probably apply to most other people too.

>> No.64144115
File: 68 KB, 700x700, 1503248584806.jpg [View same] [iqdb] [saucenao] [google] [report]
64144115

>>64143080
This

>> No.64144124

>>64143962
>incuck shill
How's being 13 years old working out for you?

>> No.64144143

>>64144115
>>64143080
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056898

8.1 applies to 8 too I believe.
Why are you on 8 instead of 8.1 anyway?

>> No.64144145

>>64144090

Did you reboot?

>> No.64144155

>>64144143
but why aren't the patches for win 7 and 8 rolled out through the windows updater?

>> No.64144168

>>64144076
Actually it's a bit more complex than that.

You still need to update Firefox/Chrome(Which won't be released until Jan 23rd) AND firmware updates from Intel

>> No.64144169

>>64144143
I was a lazy fuck, do you think it will work 8.1 and 8 are kinda the same

>> No.64144172

>>64144145
yes if you were that other anon that suggested that, i did reboot

>> No.64144187

>>64144155

Because you are microniggers forced to wait until patch jewsday.

>> No.64144192

>>64144155
It won't be in official windows update until Tuesday I believe. Only Win10 has it rolled out today.

>>64144169
I'm on 8.1 and when I ran the tool this >>64144076 was the result, so I assume it worked.

>> No.64144211

>>64144192
>It won't be in official windows update until Tuesday I believe. Only Win10 has it rolled out today.

But why? Why is win 10 getting the day 1 fix and win 7 and 8 users have to wait until tuesday? Critical security updates count as part of the extended support for both.

>> No.64144219

>>64144211

Welcome to microshit windaids.

>> No.64144221

Apply applicable firmware update provided by your OEM device manufacturer.

What's that? I have a custom built pc.

>> No.64144226

>>64144211
because m$ are cunts and is punishing those who didnt update to 10

>> No.64144234

>>64144192
Do you notice any of those famous performance issues?

>> No.64144243

>>64144221
it means download a firmware update for your processor(intel/amd) when its available.

>> No.64144259

>>64144243
Not a bios update? I have an engineering sample (qh8f)

>> No.64144289

>>64144211
They hate us, I am going to Wait until tuesday and when I have more info about the patch I am kinda paranoid, my computer is offline anyway to lower any risk

>> No.64144290

>>64144234
I didn't run any benchmarks before installing it, and I can't be assed to uninstall it, do benchmarks, then do benchmarks afterwards, so I don't know. Based on all the other discussions, it seems the performance hit is non existent for end users. definitely not 30% and shit. Maybe 1%

It doesn't matter what the performance hit is IMO. anyway, because without it, you're wide open to being royally fucked by any drive-by javascript payload.

>> No.64144296

>>64141987
I've got nothing to hide.

>> No.64144329

Does a patch for win 7 exist to download manually? Has anyone installed and tested it already?

>> No.64144336

>>64144296
Alright well mind giving me your Credit Card/Debit card/Bank information? So that's basically what you're saying.

>> No.64144340

>>64142091
that's bad advice

what you could do is not update, cut your internet for windows to your gayming only and use ubantu for everything else online related

>> No.64144371

>>64144290
I cut off my Internet anyway. I will be safe as long as I don't hang around too much on the Internet (I hope ) unless specter or meltdown or whatever enters trough my windows and Doors

>> No.64144398

>>64144371
>unless specter or meltdown or whatever enters trough my windows and Doors
Also make sure to check under your bed for boogeyman too.

>> No.64144406

Getting Explorer.exe crashes where I have to restart them from task manager.. anyone get those?

>> No.64144420

>>64141987
I haven't seen any update besides the normal daily antivirus shit from Windows all week. Why isn't it in Windows Update?

>> No.64144430

>>64144420
been said a million times, TUESDAY

>> No.64144433

Start menu won't open REEEEEEEEEEE

>> No.64144436

>>64144420
Windows 7?
You're getting it later on Tuesday.

>> No.64144440

>>64144090
>Customers who only install the Windows January 2018 security updates will not receive the benefit of all known protections against the vulnerabilities. In addition to installing the January security updates, a processor microcode, or firmware, update is required. This should be available through your device manufacturer. Surface customers will receive a microcode update via Windows update.
I guess this basically confirms it. So just installing the patch does almost nothing. That's probably why most of these benchmarkers are picking up only minor benchmarking differences before and after updating.

>> No.64144442

>>64144430
Why the FUCK are they waiting a week?

>> No.64144443

>>64143722
Same here, updated Windows, did nothing else and got these results.

Do I need to apply those registry fixes?

>> No.64144453

>>64144442
It's harvest time, Anon. Time to disconnect your internet.

>> No.64144467

>>64144442
Because Microsoft is waiting for people (their customers) to test it before they release in their weekly update.

>> No.64144478

>>64144443
see this >>64144440
It comes from here: https://support.microsoft.com/en-gb/help/4073119/windows-client-guidance-for-it-pros-to-protect-against-speculative-exe
It appears to me that a hardware update is also required for the patch to be enabled.

>> No.64144481

>>64144398
Just cheeked there was an ant under my bed, nanomachines probably

>> No.64144504

>>64144478
Fuck me.

>> No.64144509

>>64144440
All of those are just bandaid fixes anyway.

We're going to need an entirely different line of CPU's to address this.

>> No.64144519

Start menu won't open after installing the update. Fuck all of you esp Windows 10. Had more bugs in some few months of using it than I can count on my both hands. The devs need to get shot

>> No.64144547

>>64144478
Don't they want the teers of a virgin too ? For brainlet normal people who only knows how to turn on computers this is complicated, even worst nobody believes me where I live they say I am mad and paranoid

>> No.64144551
File: 137 KB, 800x800, 9875468992864.jpg [View same] [iqdb] [saucenao] [google] [report]
64144551

>>64143111
>ltsb
>update

>> No.64144553

WTF i installed the patch and my i7 turned into a Pentium 2

>> No.64144569

>>64144553
Nice upgrade, Anon.

>> No.64144573

>>64144478
>>64144504
So we have to wait for Intel to release a patch as well?

>> No.64144576

>>64144467
But they didn't wait for win 10 users to test it and released it today. Are you guys sure win 7 and 8 will only get it on tuesday? Did Microsoft make any official statement regarding that?

>> No.64144607

>>64142833

That is some woman-tier logic

>> No.64144615

>>64144573
Whoever your motherboard manufacturer is probably needs to release a bios update for your motherboard firmware. That could take some time and also seems to indicate that older motherboards that are out of support period might not be able to enable the update at all..

>> No.64144630 [DELETED] 
File: 16 KB, 482x291, cmd_2018-01-04_15-43-11.png [View same] [iqdb] [saucenao] [google] [report]
64144630

>>64143456
Even with this I am getting the same error of this anon >>64143061
Any method to solve it?
According to Specucheck though, it seems that I am safe. (Pic related.)

>> No.64144650

>>64144615
It's already been proven that you only need to enable the update on windows servers. The regular windows update people are getting enables it by default.

>> No.64144653

So how do I avoid this on my amd machine? I don't want performance degradation from the meltdown patch when I'm not even affected

>> No.64144656

>>64144481
listening device anon. they're coming for you. you disabled the internet

>> No.64144662

>>64144615
Fuck

>> No.64144676
File: 14 KB, 395x271, 6161611.png [View same] [iqdb] [saucenao] [google] [report]
64144676

>>64143456
Even with this command I am getting errors when I am trying to execute Get-SpeculationControlSettings.
But I was able to run Specucheck and it seems that I am safe.

>> No.64144682

>>64144653
Why would you want that goy? Microsoft is simply leveling the playing field and keeping it fair.

>> No.64144688

>>64144650
Okay, i'll take your word for it.
>>64144662
Don't panic, the specucheck seems to be reporting some level of protection seems to be activated so maybe it's not too bad.

>> No.64144698

>>64144650
No the windows update only addresses one of the variants.

>>64144615
Where are people getting you need a bios update from? Has any article specifically mentioned this?

>> No.64144699
File: 41 KB, 342x677, 1410062667952.jpg [View same] [iqdb] [saucenao] [google] [report]
64144699

lemme get a quick rundown here, is there any way for me to jew intel into a new cpu?

>> No.64144706

>>64144656
Loading my shootgun, my wife is at work my daughter at school too late for them probably killed and turned into cyborgs. Shoot to kill, thanks anon you may have save my life

>> No.64144710

>>64144676
did you download any firmware update for your motherboard as well? If not, are people like >>64144615 talking out of their ass?

>> No.64144716

>>64144699
join the class action suit for MONEY, why the fuck would you want another hardware rootkit?

>> No.64144728

>i7 @ 4ghz
>apply update
>text is literally lagging when I'm typing as I'm encoding a webm

what the fuck is this shit?
im not even kidding

>> No.64144735

>>64144710
Nope. I didn't download any firmware for my motherboard or neither update it. I just updated Windows 1 hour ago. But still I can't run the Windows tool provived within the Powershell and I dunno why.

>> No.64144741

>>64144653
install linux >>64134961

>> No.64144751

>>64144735
oh make sure you are running powershell as an administrator. right click powershell and click run as admin.

>> No.64144762

Start menu won't open now. What the fuck? Anyone getting this?

>> No.64144767

>>64144751
Nothing mate, even that dosen't work.

>> No.64144832

>>64144289
I'm sure that all the hackers in the world are waiting for you to go online to fuck the special snowflake up.

>> No.64144837
File: 286 KB, 600x322, 1514935037492.png [View same] [iqdb] [saucenao] [google] [report]
64144837

>>64144762
>>64144433
>>64144519
>>64144728

>> No.64145000
File: 461 KB, 1883x575, Untitled-231.jpg [View same] [iqdb] [saucenao] [google] [report]
64145000

>I7 6700k
>shitty BIOS that I don't want to update because it's unstable and can't afford a brick living rural
fug

>>64144762
Probably some fucked shell extension. Download ShellExView and disable anything you don't need from a third party.

>> No.64145004

What is the name of the update for Windows 7 that patches up this security hole?

>> No.64145016

>>64143916
You remember to install WMF 4 first? Also .NET 4.5 is a prereq.

>> No.64145049

I'm getting tired of this shit. I want to switch to Linux but apparently over there it's worse regarding this situation.

>> No.64145060

>>64145049
>over there it's worse regarding this situation
In what way?

>> No.64145062

>>64145016
Already have WMF4, which is PS 4. I tried installing it just incase anyway, and it didn't let me stating the requirement was already met.

>Also .NET 4.5 is a prereq.
Yep, already got that.
When updates force rollback, is there a log file created somewhere? Maybe that'll help me

>> No.64145082

>>64144329
Windows 7 has had 2 kinds of patches for some time:
- Cumulative monthly general updates (include telemetry and shit as well as security updates): this is what you get on Windows update every Tuesday.
- Individual monthly security-only updates: what sane people use, accessible from the Windows Update Catalog.

Microsoft has already released an emergency out-of-cycle patch for 7/8/10.

The security-only update for Windows 7 is here: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4056897

For non-server Windows, you just install it and that's it. For Windows Server, you need to add some shit to the registry, see the OP.

To verify you're protected after installing the update, use this: https://github.com/ionescu007/SpecuCheck/releases

>> No.64145094

>>64145004
KB4056897

>> No.64145118

>>64145094
>KB4056897
Thanks, anon.

>> No.64145144

>>64145082
Is there any confirmation that patch is for that? Those are released about this time every month anyway, and MS said they wouldn't be releasing a patch for 7/8 until next week.

>> No.64145152
File: 13 KB, 420x287, Win10LTSB.png [View same] [iqdb] [saucenao] [google] [report]
64145152

WHAT DOES IT MEAN? DID I FALL FOR THE LTSB MEME?

>> No.64145182

>>64145082
>https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4056897

I can't access that site. It tells me the connection is not secure. If I search for KB4056897 in google it only links to a 404 page not found.

>> No.64145184

>>64145118
Shieet, update has been installed. Wish me luck, guys.

>> No.64145212

What test should I use to benchmark my cpu before the update?

>> No.64145248

>>64145060
I don't know honestly.

>> No.64145257

>>64145182
I experienced the same exact issue a few hours ago, I just kept refreshing every 10 mins until it worked. It's incredible how such an important site works so bad.

>> No.64145274

>>64145182
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056897

>> No.64145275 [DELETED] 

>>64145257
just go to http instead of https and risk a MITM what's the big deal anyway

>> No.64145291

So what do I do? I don't want this update, but I don't want to get hacked or something. Is there a way to bail out of this hell?

>> No.64145302

>>64145291
Buy AMD.

>> No.64145307
File: 28 KB, 645x773, 1496939473851.png [View same] [iqdb] [saucenao] [google] [report]
64145307

>>64145291
there's always one way out

>> No.64145314

>>64145291
Ryzen

>> No.64145326

Windows 10 update as simple as enabling Windows Update in GPEdit, starting the service in services.msc, and clicking check for updates again? or do I have to manually install the KB package because the patch hasn't been released for consumers yet? Can anyone confirm I can ignore this after the OS patch or will I have to update my fucking BIOS when/if my OEM gets off it's ass.

>> No.64145336

>>64145302
Shills don't even try anymore.

>> No.64145356
File: 5 KB, 212x249, sad penguin.jpg [View same] [iqdb] [saucenao] [google] [report]
64145356

>>64145302
>>64145314
I have no money for new motherboard and cpu my manes, my cpu is second-hand i5-4670, it was enough
>>64145307
rip

>> No.64145362

>>64141987
>Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities

>Windows
>Server

It's the current year FFS
Use Debian/Ubuntu or CentOS/Fedora/RHEL like any sane human being

>> No.64145365

>>64145094
So what is the higher risk, getting your shit fucked up by hackers exploiting meltdown in the next 5 days or downloading and installing an untested security patch? You guys think Microsoft is going to make any changes to the patch until next tuesday?

>> No.64145367

>>64145336
>AMD isn't affected by the bug therefore it's exactly what anon wants
>shills!!

>> No.64145391

>>64145356
Just don't download any files or visit any javascript websites and you'll be fine anon

>> No.64145392
File: 13 KB, 840x600, C78qZS.png [View same] [iqdb] [saucenao] [google] [report]
64145392

Am I OK? If I'm not my new CPU is going to be a Ryzen 1800x

>> No.64145411

>>64145391
So you mean cut myself off internet? Is linux safe so I could at least browse?
Why do we still use javascript anyway?

>> No.64145432

>>64145184
let us know if it worked. Haven't heard from anyone who installed the win 7 update yet.

>> No.64145437

>>64145411
No one is safe without the patch. It's Ryzen or patch my friend

>> No.64145466

I installed the patch in W8.1 how do I know if it's working?

>> No.64145467

>>64145411
yes
no
pajeets

>> No.64145490

>>64145437
>>64145467
Fucking intel

>> No.64145496

>>64145432
I've installed the updated and have finished rebooting. Everything seems fine so far.

>> No.64145528

>>64145496
What about the Start Menu?

>> No.64145562

>>64145528
Not that guy but just finished installing the patch on Win7 and have no (apparent) issues

>> No.64145577

>>64145528
Works for me

>> No.64145579

>>64145528
The start menu is working fine.

>> No.64145601

>>64145562
>>64145577
>>64145579
With that said, that makes me want to install the update too.
Thank you Microsoft™.

>> No.64145619
File: 839 KB, 1373x5531, COMPRESS.png [View same] [iqdb] [saucenao] [google] [report]
64145619

>>64142144

>> No.64145668

>>64142190
No, retard...

>> No.64145688

>>64142190
Sever's are just the primary target to secure since they're a bunch of users sharing resources with each other.

Everybody is still affected.

>> No.64145694

>>64145144
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

This is the Microsoft bulletin for Meltdown and Spectre. KB4056897 is listed there.

>> No.64145701

>>64142721
.01 cents have been deposited into your Intel® Spectre Damage Control™ Account

>> No.64145704

>>64145562
>>64145577
>>64145579
So did the update fix the issue or did you have to manually enable shit like the OP is saying? Still getting conflicting messages here whether that only applies for the updates for windows servers or all the updates.

>> No.64145731

>>64142721
enjoy your intel perma back door

>> No.64145732

>>64145704
I can't seem to get the test to work at all, gimme a sec

>> No.64145748

>>64142158
literally copy pasta that command to add the key to the right directory
reg /?
reg add /?

>> No.64145754

>tfw on 10 ltsb
>tfw also on ryzen
wew

>> No.64145770

>>64145704
I manually edited the registry entry and set it to 1.

>> No.64145782

>>64145770
just to be sure.

>> No.64145818

Isn't this grounds for a class action?

>> No.64145825

>>64145818
No, its nothing

>> No.64145839

>>64145731
Ryzen has one too lmao

>> No.64145887

>>64145839
PSP can be disabled

>> No.64145890

So if you install this patch on 8.1, can you roll it back? I want to compare how my gaymes will perform and decide whether I should just unplug ethernet.

>> No.64145932
File: 8 KB, 232x250, 1498313045371s.jpg [View same] [iqdb] [saucenao] [google] [report]
64145932

>>64145887
Sure it can

>> No.64145945
File: 265 KB, 868x756, 1508174955143.png [View same] [iqdb] [saucenao] [google] [report]
64145945

>>64145932
AMD does what Inteldont

>> No.64145948

Fuck, for some reason I can't seem to be able to install Microsoft's testing module through powershell.

>> No.64145958

Powershell is being a cunt and won't let me run the commands, reee

>> No.64145971

>>64145839
Which affects Intel as well, and needs specific things enabled to work, so it doesnt affect 99% of amd users. Plus the patch doesn't affect performance.

>> No.64145989

>>64145971
It was put there for the nsa but you its okay when amd does it

>> No.64146023

>>64145948
what about that testing module from github that everyone seems to be using? Or is that doing something else?

>> No.64146045

>>64145825
A 35% performance loss is going to cripple services depending on virtual machines. It doesn't sound like fucking nothing.

Every service relying on major crypto for their security is about to get totally fucked by this. That goes double if they're actually storing FILES for HOSTING and not just a bunch of keys, links, references, etc.

Any company which depends on optimization for their edge is either about to be left out in the cold and be dangerously insecure or they're going to get fucking reamed.

This is literally so bad that some moron can rent 5 minutes on Amazon's renderfarms legally and then use a backdoor to download their tables and run Hashcat or John on dictionary and walk out with enough amazon giftcards to start a new country if the entire process was automated.

>> No.64146047

>>64146023
I haven't tried it yet since the coder has only tested it for Windows 10. I'm updating the Powershell to see if I can run Microsoft's test module.

>> No.64146064

>tfw every 100k+ youtuber don't do that
>self validating anon screenshoots all of their totally legit benchmarks to plaster all over "its nothing guise".
>this shit storm will last for centuries

>> No.64146069
File: 65 KB, 679x711, 1515079291932.jpg [View same] [iqdb] [saucenao] [google] [report]
64146069

>> No.64146099
File: 1.07 MB, 394x412, just_angry.webm [View same] [iqdb] [saucenao] [google] [report]
64146099

>>64146064

>> No.64146106

>>64146045
So amazon can sue but its not going to be a class action lawsuite for consumers like us. It doesnt even effect windows performance for desktop users

>> No.64146228

>>64146106
Of course there will be class action lawsuits. This is America. There was a lawsuit over the gtx 970. A big law firm will roll up all the clients, negotiate directly with intel and settle for hundreds of millions out of court. They will take thirty percent, try to contact everyone who bought an affected intel chip and send them like ten dollars each.

>> No.64146249

>>64146228
Nvidis lied about the 970, theh never lied abour the bug. It aint happenin

>> No.64146301

thank fuck i've got a devil's canyon i5 so i won't be hit too bad, right /g/uys?

>> No.64146325

>>64146301
>I've got a (not ryzen) so I won't be hit too bad
You're fucked like the rest of us

>> No.64146333
File: 83 KB, 659x609, 1503188848604.jpg [View same] [iqdb] [saucenao] [google] [report]
64146333

>>64142009
Oh sir, hello microsoft support here
You see we have taken this link and appended -s to it to represent a security related topic like strncpy_s and strnlen_s please do not be misunderstanding the phonetic of such topics is to be street because sierra is copyrighted term referring to chinese macintosh. I hope I have answered your questions today

>> No.64146336

>>64146301
Unless you are using it as a server you wont notice. Ignire ryzen shills patting themselves on the back

>> No.64146341

>>64146301
All intel CPUs past westmere(and possibly some older ones) are affected.

>> No.64146359

>>64146333
Christ, that's exactly what it feels like browsing Microsoft's tech support.

>> No.64146416

>>64146325
Are all ryzen unaffected by this? Even the old ones like the ryzen 5?

>> No.64146800

>>64144259
Microshaft is just telling you to install microcode updates, don't bother.

>> No.64146830

>>64144296
Hey m8! If you don't mind, please take a picture of yourself (nude, you don't have anything to hide, right?) outside your house, with the address showing, and post it here. Your social security number would be nice, too.

>> No.64146852

Do I really have to bother with all this shit or can I just disconnect my internet and wait until Tuesday for the update?

>> No.64146926

>>64146852
you can conncet to secure servers only, anything hosted by amazon and google are safe

>> No.64146935

>>64146852
install gentoo, unironically

>> No.64147023

>>64146926
Can i disable the update and only use steam and not be compromised?
I'm talking long term here

>> No.64147088

>>64147023
any game server you connect to could also be compromised. The only two games I know are safe are PUBG and Golf it since they rent amazon servers

>> No.64147176

>>64144443
I added the registries and it did nothing, I'm still getting this >>64143722. I'm on windows 7

>> No.64147231
File: 78 KB, 1920x916, Microsoft Update Catalog 04-01-2018, 17-26-01.png [View same] [iqdb] [saucenao] [google] [report]
64147231

>>64141987
I INSTALLED KB4056898, DO I NEED TO ENABLE IT OR SOME SHIT REEEEE FUCK INTEL

>> No.64147298

>>64147088
I'm not tallying about playing online

I would only use steam for downloading games and game updates

>> No.64147322
File: 45 KB, 1219x720, LTSB.png [View same] [iqdb] [saucenao] [google] [report]
64147322

AM I FUCKING PATCHED OR NOT HOLY FUCK REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE

>> No.64147360

I fucking give up, I can't seem to get this piece of shit Powershell to run the command to download the testing module.

>> No.64147371

I don't get this meme at all, what does this vulnerability even do? Can you get malware'd or something? Does it need to go through the antivirus first?

>> No.64147374

>>64147298
*talking

>> No.64147415
File: 54 KB, 677x363, file.png [View same] [iqdb] [saucenao] [google] [report]
64147415

Am I safe?

>> No.64147438

>>64147415
No. One of the vulnerabilities affects practically all modern CPUs and it cannot be patched via software. Your only option is to buy one of the next generation CPUs that don't exist yet.

>> No.64147465

>>64147371
All programs (even javascript) can get access to memory of other program in your system, this includes typed in passwords, certificates etc

>> No.64147482

>Customers who only install the Windows January 2018 security updates will not receive the benefit of all known protections against the vulnerabilities. In addition to installing the January security updates, a processor microcode, or firmware, update is required.

So old systems are fucked.

>> No.64147491

>>64147465
even in sandboxie?

>> No.64147503

>>64147491
Even from a virtual machine

>> No.64147534

>>64147503
What the fuck. Also what would it matter if you aren't running malicious software?

Can I patch this without turning on windows update? I'm on 7.

>> No.64147555

>>64147322

nigga, check windows update. fuck you and fuck powershell.

>> No.64147566

>>64147322
>>64147415

what is that shit? have you tried installing the KB?

>> No.64147586

>>64147534
>Also what would it matter if you aren't running malicious software?
Any website you visit could do the attack
>Can I patch this without turning on windows update? I'm on 7.
Yeah, here:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056897

>>64147566
Yeah, installed

>> No.64147612
File: 6 KB, 638x113, UPDATE.png [View same] [iqdb] [saucenao] [google] [report]
64147612

>>64147555
>>64147566
I DID AND IT SAYS IT'S UP TO DATE!

FUCK MY ASS AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

>> No.64147627

>>64147586
>Yeah, here:
>https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056897

Should I put it on every machine no matter if AMD or Intel?

>> No.64147647

>>64147612
rip anon

>> No.64147672

If you are running win7 or 8 and the powershell commands all dont work, you need to install the new powershell version from here first:
https://www.microsoft.com/en-us/download/details.aspx?id=54616

>> No.64147698
File: 74 KB, 877x639, file.png [View same] [iqdb] [saucenao] [google] [report]
64147698

This is win7 after the update was installed

>> No.64147742
File: 166 KB, 860x382, Speculum-cervix-control.jpg [View same] [iqdb] [saucenao] [google] [report]
64147742

I ran windows update (NOT manually installing the KB). I get this error, what's the issue here?

>> No.64147781

>>64147742
you are running some BS instead of installing KB

>> No.64147806
File: 113 KB, 457x458, 1509715127379 - Copy.png [View same] [iqdb] [saucenao] [google] [report]
64147806

>>64141987
Whiter than you A(h)M(e)D
>>64142009 >>64142040 >>64142091 >>64142304 >>64142682 >>64143546 >>64144296 >>64144420 >>64145362 >>64147231

>> No.64147846

>>64147742
Set-ExecutionPolicy Unrestricted

>>64147781
There's enough confusion here without you chipping in. This is how you test that the KB worked.

>> No.64147855

>>64147742
see
>>64143456

>> No.64147923
File: 234 KB, 800x612, 1514936077077.png [View same] [iqdb] [saucenao] [google] [report]
64147923

>>64145932
>t.

>> No.64147953
File: 114 KB, 904x729, the-fug.jpg [View same] [iqdb] [saucenao] [google] [report]
64147953

>>64147846
>>64147855
Thanks, just pops up some explorer thing now though...

>> No.64147981

>>64147953
You running powershell 5?

>> No.64148008

>>64147981
PS C:\WINDOWS\system32> $PSVersionTable.PSVersion

Major Minor Build Revision
----- ----- ----- --------
5 1 16299 98

I guess so? I'm a complete newbie to this shit.

>> No.64148014

>>64141987
>>64147322
ATTENTION
If the update doesn't show up, you can download and install it manually from here: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892
God bless.

>> No.64148042

>>64147953
do Find-Module SpeculationControl

you will get a prompt to download something called nuget, press yes and then do the Install-Module command again, should work

>> No.64148068

>>64147953
Are you running the latest windows build?

>> No.64148076

>>64148014
Thanks, now my start menu has nothing but lolis dancing on it.

>> No.64148101

>>64148014
Then you can spend the rest of the day wondering whether it actually did anything, looking up and down this thread trying to figure out if you need to edit a registry key, and ultimately waiting another week or two for intel to release the necessary update for it to actually do anything on most people's systems.

>> No.64148116

>>64145490
Intel not so bad. AMD bad.

>> No.64148124

so is 4chan safe? it runs javascript

>> No.64148149

>>64141987
Heads up to anyone with Sandboxie- this update hard kills it. No word on when/if a fix is coming.

>> No.64148168
File: 57 KB, 276x256, 1506867647758.png [View same] [iqdb] [saucenao] [google] [report]
64148168

>>64148124
>this is all part of mootwo's plan

>> No.64148180

>>64148149
Okay, that's hilarious.

>> No.64148184

>>64148124
Nope.
On the good side you finally are going to get your soul back

>> No.64148206

>>64148101
https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892
You probably only need to ADD a registry key if you're on Windows 7. Windows 10 has Windows Defender anyway, and the registry key should already be added even if you never installed another antivirus.

As for the Powershell shit, you can use this instead: https://twitter.com/aionescu/status/948954595358752768

>> No.64148248
File: 254 KB, 1385x965, the-fug2.jpg [View same] [iqdb] [saucenao] [google] [report]
64148248

>>64148042
Still no dice, didn't get prompted for Nuget install and Install-Module just returns

>>64148068
I think so? I just turned on windows update and manually checked an hour ago.

>> No.64148250
File: 84 KB, 653x726, 1489421658644.png [View same] [iqdb] [saucenao] [google] [report]
64148250

>>64147806

>> No.64148275

>>64148206
How do you enter the key? Could anyone format it the way it should look in a .reg file?

>> No.64148282

>>64148248
Get-SpeculationControlSettings

>> No.64148297

>>64148282
>Get-SpeculationControlSettings
Opens the same explorer "open file" prompt as here
>>64147953

>> No.64148302

>>64148248
in that case maybe fall back to the other tool mentioned here >>64148206

THis powershell script is just to make sure that the patch is up and running correctly, chances are it already is and you don't need to do shit

>> No.64148303

>>64148275
Just enter those two lines one by one in an admin command prompt

>> No.64148334

>>64148302
Already tried:

F:\Downloads>Specucheck.exe
SpecuCheck v1.0.0 -- Copyright (c) 2018 Alex Ionescu
http://www.alex-ionescu.com - @aionescu
----------------------------------------------------

Your system either does not have the appropriate patch, or it may not support the information class required.

>> No.64148336 [DELETED] 

>>64141987
>Server

>> No.64148340

>>64148303
What two lines?

>> No.64148349

What's the harm if I do not install the updates today?
I have a second computer (with intel installed) at another place that my parents like to use occasionally.

>> No.64148367

>>64148340
To enable the mitigations

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

To disable the mitigations

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

It's apparently for server only though

>> No.64148370 [DELETED] 

>>64141987
>Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities
>Windows Server
>Server

>> No.64148372

>>64148349
u gon git hacked by a russian boy

>> No.64148381

When do you guys think they will fix this? Ice Lake? Or do you think they can fix it by Canon Lake?

>> No.64148387

>>64148302
>chances are it already is and you don't need to do shit

No, the default outcome seems to be that most people aren't protected after running the patch. It looks like additional driver updates from other manufacturers are going to be necessary, which is pretty much what microsoft said in their extended docs.

>> No.64148403

>Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities
>Windows Server
>Server

>> No.64148404

>>64148334
jesus anon, please tell me you actually downloaded the patch? Did you get it from the update catalog?

>> No.64148422

>>64148367
Where the fuck did that come from? It looks nothing like this

https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released

>> No.64148442

>>64148387
There are multiple security issues, spectre can't be patched

>> No.64148464

>>64148422
why do I keep getting a 404 page not found when I try to open this site? What does it say? Can anyone screenshot and post the relevant part?

>> No.64148471

>>64148422
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

literally the link from op

>> No.64148472
File: 87 KB, 859x732, unknown.png [View same] [iqdb] [saucenao] [google] [report]
64148472

>>64148387
may be anecdotal but for both my Laptop and PC and two other win10 anons in the thread it worked with just the patch, so it's definitely case-by-case

>> No.64148473

>>64148275
Run regedit and navigate down to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Right click on Current Version > New Key > type QualityCompat
In the empty space on the right click on New > select DWORD (32-bit) Value > cadca5fe-87d3-4b96-b7fb-a231484277cc
Make sure the corresponding Value data of this is 0x00000000

>>64148248
Run > type winver and press enter
You should be on 16299.192

>> No.64148511

>>64148473
>16299.192
I'm on .125, I just read that it won't give you the update if you aren't using support AV, I'm using Avira and I'm guessing I'll have to wait, it installed the December security patch and not January. Fuck. Thanks though.

>> No.64148521

>>64148511
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892

>> No.64148557

>>64148511
Yeah, that's probably why.

>Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.

>> No.64148616

>>64148473
is there any way to check if I even have to do this? Where can I see if it already is compatible and should be working?

>> No.64148667

>>64148557
shouldn't MSE be a supported anti virus software? I'm not getting the update over windows update.

>> No.64148770

if the report says this
BTIDisabledByNoHardwareSupport : True

it means you need to wait for a firmware update from your OEM for it to work

>> No.64148809

So who's gonna steal my passwords? Malicious websites?

>> No.64148821

>>64148616
Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat and see if the key value cadca5fe-87d3-4b96-b7fb-a231484277cc is there. If it is present, then you should be getting the update. I just installed it manually from here before even looking at the registry: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892

>> No.64148848
File: 71 KB, 841x388, 1514458390700.jpg [View same] [iqdb] [saucenao] [google] [report]
64148848

I'm a retard, what does this mean? Do I have to do anything else manually?

>> No.64148858

>>64148667
>shouldn't MSE be a supported anti virus software?
It should be, yes: https://support.microsoft.com/en-gb/help/4072699/important-information-regarding-the-windows-security-updates-released
Update it and try rebooting. Who knows.

>> No.64148901

>>64148848
See here and scroll down a bit: https://support.microsoft.com/en-gb/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

>> No.64148902

>>64148848
You'll have to update your motherboard bios when your manufacturer releases new firmware. If what this guy >>64148770
says is true and it appears so from the suggested actions

>> No.64148912

>>64148821
I don't even have a folder called QualityCompat there.

>> No.64148926

>>64148473


Well, if it helps anyone, I got the same results as >>64147698 >>64148848 >>64147322 both before and after applying the registry edits (both OP's server ones and the no AV installed ones).

So if you've installed the patch and you get that, don't expect to get any more out of it from tweaking your reg. Running windows 7

>> No.64148928

>>64148848
it literally says it right there

Suggested actions

* Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injectio
n mitigation.
* Follow the guidance for enabling Windows support for speculation control mitigations are described in https://support
.microsoft.com/help/4072698

>> No.64148976

jesus, can microsoft or intel just throw together a fucking A P P that checks this? or does an unpaid random Pajeet need to do their goddamn job for them as usual?

>> No.64149035

>>64148926
This, I have also tried the registry edit method and IT DOESN'T WORK on Windows 7. Don't bother with it.

>> No.64149043

Just install the update and pray, may Allah bless our cpus

>> No.64149058
File: 54 KB, 995x384, borked.jpg [View same] [iqdb] [saucenao] [google] [report]
64149058

>>64148848
how the FUCK does powershell work?

none of those commands do anything.

>> No.64149077

>>64149058
you need to update to powershell 5

>> No.64149080

>>64149058
Don't bother trying to get it to work, I did and it asked me how I want to open the file when entering to command to check.

I gave up.

Oh, Microsoft..

>> No.64149090
File: 192 KB, 575x483, pep.png [View same] [iqdb] [saucenao] [google] [report]
64149090

>>64149043
inshallah, subahan allah

>> No.64149101

>>64149077
oh for fucks sake

>> No.64149117
File: 92 KB, 840x479, 1489912733931.jpg [View same] [iqdb] [saucenao] [google] [report]
64149117

>>64148901
I tried enabling the mitigations by copypasting the commands in that page. It says it was done successfully, but the getSpec info is exactly the same.
What's supposed to happen?

>> No.64149130

>>64147672
I can't be the only one who can't install this on Win 8.1, right? The update keeps failing

>> No.64149143

>>64149090
Mashallah brother

>> No.64149199

>>64149130
https://arlanblogs.alvarnet.com/installing-powershell-5-1wmf-5-1/

>> No.64149288

I just want to clear something up here. Blocking java script is all i have to do to be safe?

>> No.64149340

>>64149117
From what I can tell this tool detects 2 vulnerabilities (1 of 2 Specter variants and Meltdown). I'm a layman so I may be completely wrong but here's how I interpret it.
>CVE-2017-5715 (Specter, very hard to use maliciously in the wild unless you piss off an autist or CIA nigger, requires a new BIOS or PERHAPS new CPU architecture entirely to fix)
Hardware side: Your motherboard bios doesn't support the patch for that vulnerability currently, you'll have to wait a week or so until they release one and flash your bios or may require a new CPU/motherboard, we don't know yet because the actual detailed reports of the extent of this shit is under embargo for a couple more days.
Software side: Windows is patched for this vulnerability but it's currently disabled because your bios doesn't support it yet.

>CVE-2017-5754 (Meltdown the one that is easily patched but comes with a major performance hit and easy to use as an attack in the wild)
Patched.
Not sure if the PCID optimization enabled is red because you have an older CPU that doesn't support PCID. I think if it's green your performance impact from having this patch enabled is drastically reduced. Totally not planned obsolescence, goy.

>> No.64149405

>>64149199
That just tells me to download WMF 5.1 and install it, Which I've already attempted twice.


I can run the installer just fine.Once I restart, It states it's applying the updates, then restarts again.
Then, it tells me updates couldn't be applied without any explanation, then rolls back the update.

>> No.64149413
File: 130 KB, 866x612, oh god.jpg [View same] [iqdb] [saucenao] [google] [report]
64149413

god damnit

help please, what does all of this technoshizzlewhizzle mean?

>> No.64149469

>>64149101
There's a way to do it without having PowerShell 5 via PackageManagement module.

But that kept giving me problems too and I gave up.

In any case, try

Install-Module -Name PowerShellGet -Force
Set-ExecutionPolicy RemoteSigned
Install-Module PackageManagement –Force

That installs powershellget, sets script execution to signed(fine for MS gallery download), then downloads the latest package management version which has the spec module I believe.

>> No.64149511

>>64149413
See:
>>64149340

You need a new bios that probably isn't out yet. Once your motherboard manufactuer releases it, update and most of that shit should turn green and you'll be patched.
>https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
>In addition to installing the January security update, a processor microcode update is required. This should be available through your OEM (AKA your motherboard/tablet/phone/etc provider).

Microcode updates can be loaded onto the CPU by firmware (usually called BIOS even on computers that technically have UEFI firmware instead of old-style BIOS) or by the operating system. Microcode updates do not persist across reboot, so in the case of a dual-boot system, if the microcode update isn't delivered via BIOS, both operating systems have to provide the update.

>> No.64149561

>>64149469
thanks, i finished installing module 5 and got immediately shit on >>64149413
, turns out a 6 year old cpu/mobo cant/wont be secure no matter how much i want it to be, and i doubt asus will release a uefi update since the last eufi update was way back in 2015.

>>64149511
thanks friendo, you have been a super help.


at this point im looking at buying 2 new ryzen desktops, because FUCK intel.

>> No.64149562

>>64149340
So what I get from this is there's nothing I can really do now apart from hoping the jews at Intel even bother to update the BIOS on my mobo asap?
That should be fun, I've never updated a BIOS and I'm totally not scared to turn it into a big hunk of useless plastic. Then again, with this entire debacle I guess it already is a hunk of useless plastic.

>> No.64149670

>>64149405
No, it tells you to download, WMF 5.1, then run the install script from within Powershell. It's something they implemented so people wouldn't have to install WMF 4 first anymore.

>> No.64149699
File: 5 KB, 250x250, 1512106085662.jpg [View same] [iqdb] [saucenao] [google] [report]
64149699

>try to figure out what the fuck is up with windows 7 updates for this shit show

>"some" AV fuck everything up and bluescreen

>every article talking about the problem with "some" AV software make no mention of which ones

>Why are some anti-virus solutions incompatible with the January 3, 2018 security updates?

>During our testing process, we uncovered that some third-party applications have been making unsupported calls into Windows kernel memory that cause stop errors (also known as bluescreen errors) to occur.

"hurrr durr some AV totally fuck everything up but we can't tell you which ones do or don't sorry lol"

>> No.64149706

How do I prevent the fix from activating on my parents' shitty i3 laptop ? It is already slow as hell.

Is deactivating windows updates enough ? It is running win7.

>> No.64149716

>>64149670
>Installation on WS2012R2 (and W8.1)
>1)Have all current Windows updates installed on the WS2012R2 machine.
>check

>2)Download the WMF5.1 Package
>check

>3) Check PS version with $PSVersionTable
>check

>4) Double click on the MSU file downloaded and the installation process will begin:

>5. Restart the machine > verify successful installation of WMF 5.1

That's all it tells me.

>> No.64149728

>>64141987
So wait? Are they deciding to just leave the CPU's as are unless you want to patch them?

Jesus the amount of malware and exploits that will come out of this will be terrifying.

>> No.64149769
File: 16 KB, 877x643, JEWED.png [View same] [iqdb] [saucenao] [google] [report]
64149769

how bad was I jewed?

>> No.64149803

>>64149769
you haven't even installed Microsoft's latest security patch bro

>> No.64149817

>>64149562
I just updated my bios a few days ago. The most annoying thing for me was losing all my OC settings and other BIOS settings which I had forgotten to write down.

>> No.64149957

>>64149803
everything's installed but I'm on windows 8.1

>> No.64149977

>>64149957
Did you install powershell 5 via WMF 5.1 to get 'get-spec' working?

>> No.64150141

>>64149977
First I've get
>PackageManagement PowerShell Modules Preview - March 2016
but it wont do shit and then
>Windows Management Framework 5.0 (Win8.1AndW2K12R2-KB3134758-x64.msu)
and then this
>Set-ExecutionPolicy Unrestricted
>Save-Module -Name PowerShellGet -Path .
>Install-Module -Name PowerShellGet -Force
>Install-Module SpeculationControl
>Get-SpeculationControlSettings
i'm not sure if all are required, but it worked

>> No.64150206

>>64150141
Only Windows Management Framework 5.0/5.1 is required, which seemed to work for me.
dont know why it fails for me, oh well

>> No.64150207

now if only W10 could stop installing adobe flash player updates over WUD

>> No.64150223

>>64150206
which seemed to work for you*

>> No.64150237

>>64149706
You might as well update it when the time comes otherwise it's a ticking time bomb before they get ransomwared

>> No.64150275

>>64149977
The Powershell tool is obviously working for him, but he didn't install the mitigation update.

>>64149957
Have you installed the update that came out in January 3?

>> No.64150300

>>64150275
>The Powershell tool is obviously working for him
I know that, but it doesnt work for me, which is why I asked if he did anything special since he's on 8.1 too. Guess I just have some odd shit going on

>> No.64150329

>>64150300
What's your error, then?

>> No.64150366

>>64150329
I've already got the mitigation update working, but I simply wanted PowerShell 5 just incase.

WMF 5.1 fails during the update process. Says it's applying updates after reboot, then immediately says they couldn't be applied and rolls back.

>> No.64150458
File: 94 KB, 647x478, 2.jpg [View same] [iqdb] [saucenao] [google] [report]
64150458

>>64149058
If u on WIndows 7, u need to install WMF 4+ and PowerShell 3+. Here is the link for WMF:
>https://www.microsoft.com/en-us/download/details.aspx?id=50395

And here is the link for powershell:
>https://github.com/PowerShell/PowerShell/releases

After install run newly installed PowerShell (not that was in system) from start menu and run this:
>Install-Module SpeculationControl
after module installed, run in same shell window this:
>powershell.exe -ExecutionPolicy Unrestricted
and then this:
> Get-SpeculationControlSettings

I'm getting this result (KB4056897 installed)

>> No.64150489
File: 8 KB, 670x234, screenshot.5.png [View same] [iqdb] [saucenao] [google] [report]
64150489

>>64150366
Just tried it again,

"We couldn’t complete the updates, Undoing changes".

The only Windows updates I don't have are the 3 optional ones which is the Win10 botnet shit I believe. If I need those just to install PS 5, then fuck it.

>> No.64150519

>>64150237
>ransomwared
It's a read-only exploit

>> No.64150662

>>64144187
>Because you are microniggers forced to wait until patch jewsday.
thanks. I'm installing it now

>> No.64150727

Fucking wait, my 2500k will be slow and shit if I install this? God fucking dammit, it was already feeling dated.

>> No.64150766

>>64150727
Only in certain scenarios and probably not in most games.

>> No.64150799
File: 36 KB, 877x643, v2.png [View same] [iqdb] [saucenao] [google] [report]
64150799

>>64150275
>The Powershell tool is obviously working for him, but he didn't install the mitigation update.
I've did it. partially.

it is known what this bios update should contains? like microcode version?!

is there any reason why this microcode update isn't made my jewsoft. they have this power...

>> No.64150881

>>64150489
AH HAH
Figured it out.

https://serverfault.com/questions/886690/unable-to-update-powershell-with-couldnt-complete-the-updates-undoing-changes

I had my TEMP/TMP environment variables set to my ramdisk, which I guess was causing it to run out of space before the update could be applied. I temporarily set it to the default C: location and it updated.

FUCK.

>> No.64151057

>tfw you update both your host and your VMs and now the VMs are double jewed.
DO NOT UPDATE

>>
Name (leave empty)
Comment (leave empty)
Name
E-mail
Subject
Comment
Password [?]Password used for file deletion.
Captcha
Action