jumper Posted January 6, 2018 Share Posted January 6, 2018 (edited) Thanks for the direct links. Both file headers are "%PDF-1.5". SumatraPDF (all versions from 0.9.0 up) works with no complaints. I'll see about compiling the test code into an app for Win95+.Courtesy of Google: This is the html version of the file https://meltdownattack.com/meltdown.pdf. Google automatically generates html versions of documents as we crawl the web. This is the html version of the file https://spectreattack.com/spectre.pdf. Google automatically generates html versions of documents as we crawl the web. FLUSH+RELOAD: a High Resolution, Low Noise, L3 Cache Side-Channel Attack This is the html version of the file https://eprint.iacr.org/2013/448.pdf. Edited January 7, 2018 by jumper Google webcache links added. Link to comment Share on other sites More sharing options...
dencorso Posted January 6, 2018 Share Posted January 6, 2018 Must read information: Spectre still unfixed, unlike what Intel says 1 Link to comment Share on other sites More sharing options...
Tripredacus Posted January 8, 2018 Share Posted January 8, 2018 On 1/5/2018 at 6:55 PM, jumper said: SpecuCheck doesn't check for the vulnerabilities, it checks for a patch. No patch for Win<7, so no reason for a Win<7 SpecuCheck. From https://github.com/ionescu007/SpecuCheck/blob/master/README.md: That is the case for a lot of vulnerability checkers, they just see if a patch/update is installed by detecting it directly OR detecting what the patched behaviour should be and doing nothing if it is the wrong response besides throwing an error. In other words, they do not actually perform an action to trigger the vulnerability itself. So there is no real way to check any system to see if it is vulnerable, especially the things everyone seems to want to ignore being 32bit OS and stuff older than Windows 7. Hopefully someone finds a way to do a PoC detection on the issue so people can test these OSes. 1 Link to comment Share on other sites More sharing options...
UCyborg Posted January 11, 2018 Share Posted January 11, 2018 (edited) You know what's funny about the MS's software patch for these vulnerabilities? They don't offer it unless anti-virus software (or you) sets a specific registry setting. So if you don't run any anti-virus, including Windows Defender, you don't get it (or any subsequent patches, according to MS). A measure to prevent blue screens caused by incompatible anti-virus software therefore applies to users that don't run incompatible software in the first place. https://support.microsoft.com/en-hk/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in Edit: should've pasted https://support.microsoft.com/en-sg/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software Edited January 11, 2018 by UCyborg Link to comment Share on other sites More sharing options...
dencorso Posted January 14, 2018 Share Posted January 14, 2018 Source: http://www.enisa.europa.eu/publications/info-notes/meltdown-and-spectre-critical-processor-vulnerabilities Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now