Meltdown

I find this story kind of interesting for a variety of reasons. If you’re not aware of it, a microcode flaw has been discovered in all current Intel processors that potentially exposes their users to security breaches. The problems have been dubbed “Meltdown” and “Spectre”. Basically, they involve insecure practices being used by the processors in instruction lookahead.

Google’s revealing the flaw forced Microsoft’s hand on issuing patches for Meltdown, and they’ve been pushing patches out. However, most anti-virus programs can’t handle the patches. From Bleeping Computer:

But Microsoft also warns that the Meltdown and Spectre security fixes are incompatible with some anti-virus products.

“During our testing process, we uncovered that some third-party applications have been making unsupported calls into Windows kernel memory that cause stop errors (also known as bluescreen errors) to occur,” Microsoft said in a compatibility note for yesterday’s security fixes.

“These calls may cause stop errors […] that make the device unable to boot. To help prevent stop errors caused by incompatible anti-virus applications, Microsoft is only offering the Windows security updates released on January 3, 2018 to devices running anti-virus software from partners who have confirmed their software is compatible with the January 2018 Windows operating system security update.”

“If you have not been offered the security update, you may be running incompatible anti-virus software and you should follow up with your software vendor,” Microsoft said.

In other words, if users are employing a third-party anti-virus product, they should first check if the AV has updated its anti-virus product to support the Microsoft patches.

There have been no reports of malicious groups using either Meltdown or Spectre in real-world attacks, so Microsoft is also recommending that users give anti-virus vendors more time to update their products.

Microsoft says that when anti-virus vendors update their product to support the Meltdown and Spectre patches, they’ve been instructed to create a custom registry key on the OS, which will allow Windows to download and receive the proper security fixes (if the user also agrees to it).

If users aren’t willing to search their antivirus product’s homepage for such info, if they find the following registry key on their systems, the antivirus product has already been updated to support the Meltdown and Spectre patches.

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD"

A security researcher is currently keeping a Google Docs spreadsheet with the status of Meltdown and Spectre patches on various anti-virus engines. At the time of writing, only Microsoft, ESET, and Kaspersky AV engines support the patches, with others set to receive updates starting tomorrow.
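The registry check described in the quoted article can be scripted rather than clicked through in regedit. The PowerShell below is an added example, not part of the quoted article or of Microsoft's guidance; the function name `Test-QualityCompatFlag` and its output fields are hypothetical, and only the subkey, value name and type come from the text above.

```powershell
# Added example: report whether the anti-virus compatibility flag quoted
# above is present on this machine. Read-only; nothing is written.
$SubKey    = 'SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$ValueName = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'

function Test-QualityCompatFlag {   # hypothetical helper name
    param([string]$SubKey, [string]$ValueName)

    # Open the 64-bit registry view explicitly so that a 32-bit PowerShell
    # host is not redirected to WOW6432Node and does not miss the key.
    $hklm = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine,
        [Microsoft.Win32.RegistryView]::Registry64)
    try {
        $key = $hklm.OpenSubKey($SubKey)   # read-only handle, $null if absent
        if ($null -eq $key) {
            return [pscustomobject]@{
                FlagPresent = $false
                Detail      = 'QualityCompat subkey not found'
            }
        }
        try {
            # The subkey can exist without the value the article names.
            if ($key.GetValueNames() -notcontains $ValueName) {
                return [pscustomobject]@{
                    FlagPresent = $false
                    Detail      = 'Subkey exists but the value is not set'
                }
            }
            # The article specifies REG_DWORD; a value of another type
            # does not match what it describes.
            $kind = $key.GetValueKind($ValueName)
            $data = $key.GetValue($ValueName)
            return [pscustomobject]@{
                FlagPresent = ($kind -eq [Microsoft.Win32.RegistryValueKind]::DWord)
                Detail      = "type=$kind data=$data"
            }
        }
        finally { $key.Dispose() }
    }
    finally { $hklm.Dispose() }
}

Test-QualityCompatFlag -SubKey $SubKey -ValueName $ValueName | Format-List
```

`FlagPresent : False` on a machine that has not been offered the update matches the situation the article describes: the installed anti-virus product has not yet set the flag.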

The only anti-virus engines I use for my own computers are ESET and Kaspersky. I checked my desktops and laptop. All have had the patches pushed to them.

Here’s the part I find interesting. The patches and the firmware update that will be issued to complete the securing of these machines are expected to slow down these computers by 10-30%.

I can’t help but wonder if these problems might induce a near-death experience for Intel. These microcode issues are pretty obviously failures of workmanship, and Intel routinely publishes performance measurements of their processors. I don’t know about you, but a 30% performance hit wouldn’t be much fun for me. I haven’t found records of any yet, but I expect that Intel will be deluged with lawsuits.

7 comments
  • walt moffett

    No doubt the legal vultures are circling yet because of sheer ubiquity, chipzilla will survive.

    Sounds like a good time to switch over to Linux.

  • sam

    My reading says that most home users won’t see much of a slowdown. I’m running openSUSE and am waiting for the kernel patch to see. You might want to upgrade your browsers (Chrome 63 and Firefox 57 have some fixes in place to mitigate the effects on their operation. The Chrome fix involves some user intervention. Don’t know about Explorer.)

    And then there’s your Android devices…

  • steve

    Will have boy genius look at it for us. Think Apple is safe?

    Some home users may not notice much difference, but businesses will and gamers will definitely notice a 30% decrease. Gaming is pretty big business now.

    Steve

  • sam

    Macs run on Intel processors. I read that gamers won’t see any hit at all.

  • Think Apple is safe?

    Complicated question. Macs have been using Intel processors for years so the odds are that an OS X update will be forthcoming. On the other hand Macs are a smaller therefore less tempting target.

    On iPads and iPhones I suspect there’s a lot of scrambling going on right now. Intel says that processors other than theirs are affected, too. AMD says their processors aren’t affected (that will make the case against Intel that much stronger). Are the Apple processors on the iPad and iPhone affected? Who knows?

  • Andy

    Ars Technica has a useful but techy explanation of the issue.

    What’s behind the Intel design flaw forcing numerous patches? | Ars Technica

  • I’m actually more interested in the business and legal implications of the mess than in the technical implications. I think that there will be people who complain that they paid for performance that they’re not receiving.
