:toc: macro :toc-name: GO RIGHT TO THE THING :icons: font :imagesdir: https://mikesgoodstuff.com/wp-content/uploads/2018/01/ Spectre and Meltdown may go down in history as two of the most talked about security vulnerabilities in computer history. I say "talked about" because although these vulnerabilities are very serious, we have yet to see any exploits of them. Yet. The problem is that protecting yourself against these vulnerabilities can be quite complicated and can also severely effect your system's performance. For that matter, you may get all the required Windows updates, but maybe you missed a bios update. Since there are so many ways these vulnerabilities are being patched, you might miss something. Enter Security Researcher Steve Gibson to the rescue. Famed for his Spinrite hard drive maintainance and recovery utility, Steve has created a fantastic and free 125 KB utility that not only helps you make sure you're protected, but also allows you to manage the fixes in the case that you experience huge slowdowns. Both of these vulnerabilities exploit an aspect of processor architecture called "speculative execution" that has been around since the 90s. Essentially, this practice allows the processor to "guess" what's happening next based on previous system behaviors. If the guess is wrong, it throws it away. If the guess is right, the task is performed much faster. These vulnerabilities allow an attacker to "peek" at this information and gain sensative information as is passes through these speculative tables. toc:: == What is Meltdown Meltdown seemed to grip the press first, and specifically targets Intel. The traditional fix to this appears to be to break "speculative execution" by flushing the tables that store the guessing data. As you'd imagine, this requires a significant penalty to performance. However, Intel did actually create a mitigation/workaround in the architecture several years ago (post-Haswell era and above) that does not require table flushing. The problem is that no one implemented it on the OS level. It does require some minor, but mostly unnoticeable, penalty to performance. Microsoft is implementing the faster fix on Windows 10 Fall Creators Update and above. Any other Windows version will only have the slow fix, at least for now. So, if you have Windows 7, Windows 8, an older Windows 10, or an Intel processor from the Haswell era or earlier (Q2 2013 - Q1 2014), then the Meltdown mitigation is going to slow down your performance by a lot. == What is Spectre Then Spectre came around, which also attacks "speculative execution", but unlike Meltdown, it affects literally every processor made in the last 20 years. That means Intel, AMD, and ARM chips such as Snapdragon, MediaTek, and the chips in Apple iPhones. Fixing Spectre is a bit more complicated. It requires both an OS update and a firmware/BIOS/microcode update to the processor. You may get one from Windows, but as to the microcode update, you're at the mercy of your computer manufacturer. == Enter InSpectre If you're confused by all of this, you're not alone. Enter our savior, Steven Gibson. After seeing all of the craziness involved in these vulnerabilities, he took a few days and wrote a small 125 KB utility that will help you manage this situation. Start by going to https://www.grc.com/inspectre.htm[this website] (maybe in a new tab) and hitting the download button. image:downloadit.png[width="800" alt="That button." link="https://www.grc.com/inspectre.htm"] Now open the application and see what it has to say. image:FirstScreen.png[width="800" alt="Look at the greens."] In my case, it says that Meltdown is averted. But, also notice that the *Performance* field says "Good". This means I'm running a newer Intel processor and the performance impact of the Meltdown fix is minor. Great! NOTE: If *Vulnerable to Meltdown* says "Yes!", check your Windows Updates. You can also scroll down the application to get some more information about the mitigation. However, *Vulnerable to Spectre* still says "Yes!". Obviously, this is a problem. If you run into this issue, as I have, you'd want to scroll down in the application until you find red text, like that shown below. image:ScrollDown.png[width="800" alt="Look at the reds."] The only red text says that I haven't gotten the microcode update to my computer. This will always come in the form of a BIOS update, provided by the manufacture of your computer. When I looked up my computer at HP's support website, I found the following page, which says I won't get the fix until early February. It sucks, but at least I know now. If you run into this problem, go to one of the following websites, depending on who made your computer, and look for a BIOS update from January of 2018. You may also have a support application from your manufacturer on your computer that can check for you. * https://support.hp.com/us-en/drivers[HP] * http://www.dell.com/support/home/us/en/04[Dell (Alienware)] * https://support.lenovo.com/us/en[Lenovo] * http://support.asus.com.cn/download/options.aspx?SLanguage=en[ASUS] * https://www.msi.com/support[MSI] * http://www.emachines.com/ec/en/US/content/drivers.html[Emachines/Gateway] * http://business.panasonic.com/support-computerstablets-driverdownloads[Panasonic/Toughbook] == Managing the Fixes Okay, so you have the fixes. But what if you run into some super bad problems as a result of the fix? For instance, what if you have that bad cocktail of old processor and/or old OS and suddenly your computer slows to a crawl. Well, the best advice would be to fix the thing that's preventing you from getting the fastest fix. Meaning: replace your CPU, computer, or OS. But this may not be the easiest answer. Especially since we *still* have not actually seen an active exploit in the wild. That's the true genius of this tool. See that *Disable Meltdown Protection* button at the bottom? Just hit that button and the utility will disable the fix and bring your performance back to where it was before. image:Disable.png[width="800" alt="This button changes to Enable when you disable it."] When you want the fix again, just open the app and hit *Enable Meltdown Protection*.