• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Intel bug incoming? Meltdown and Spectre exploits

Any and all software can exploit the issue. JS is the most likely as users have next to no control over what js their machines run.

Every user should patch as bundled crud in software packages is bound to try and exploit it sooner or later.
 
stockhausen said:
What other software had you in mind? I was under the impression that the risk is typically posed by Javascript?
Click to expand...

I wrote out a long reply but I guess at the end of the day for the average user just installing the OS patches/microcode takes a lot of complexity out of the equation.

It is mainly just browsers but some 3rd party software can implement their own web rendering systems i.e. using webkit DLLs, etc. like game client shopfronts, etc. - some 3rd party programs make use of online functionality and javascript, etc. i.e. some MMO tools that do things with the user data from game APIs and their own servers but in that case mostly you come back to the same problem that you are running their software on your system anyhow which opens up all kind of avenues for malware.

I think the impact is a bit overblown on the average Windows desktop (outside of web browsers) as its far easier to exploit it via other means and if this is a real issue for a user then they've probably got all kinds of ****ware on their system any how never mind stuff using this vulnerability.

Operating systems which are much more resilient to malware running as a normal user gaining full elevated privileges or side-stepping the restrictions imposed on normal user accounts will be much more the target for these kind of attacks that and things like companies running services where multiple external users are logging into sandboxed environments/VMs on the same host server which could use it to break out of the restrictions and compromise other customers, etc.
 
Last edited:
Anyone else seen that Intel have said they will need 1-2 years to correct this at silicon/architecture... darn it I saw it somewhere when I read about the crap show that is them telling everyone to not use the patch from them... cant find it atm.

I'm going to be honest in saying that I dont fancy purchasing a new CPU setup until this is fixed at silicon level, so far all the patches for this have been less than optimal and some darn right farcical. Worst is they have been aware of this since mid last year, have they not been fixing it since then and if so sweet Jebus that's a long time to get to this stage for the patches.

Did I also hear that the AV companies might have already known about this for a long while, I think the register was saying that they were dipping into this memory space to 'work' their software magic and that's why some of them broke when MS patched the OSe's. Anyone able to feed into that?
 
Will this effect overclocks
and how do you tell if you have already had the ms patch.
i am only asking as i woke up today with my perm 4.6 overclock now showing only 3.691.
I checked my bios stlil shows target boost ect at 4.6 i have played around with the power settings and still nothing.
 
Some feedback from me after Windows downloaded the patches and I installed the Nvidia driver with the security update. I have a Xeon E3 1230 V2/Core i7 3770 and a GTX1080FE and run games at 1080p. I play FO4,which even at best is known to really prefer SSDs. I have a massive modded playthrough,and build large settlements and run it off a separate SSD. The game engine is known to access SSDs not in large junks,but more continuously in smaller chunks,and without an SSD the game when heavily modded becomes unplayable.In my most taxing settlements I could get between 27FPS to 30FPS,which was not ideal but it wasn't too janky. Now I notice far more drops in performance,and performance really seems all over the place with drops to 20FPS at times. I also noticed in PS2,minimums are definitely worse off in larger battles,but I can't say whether this is down to the servers suffering as a result of the patch. With ARK:Survival Evolved performance seemed a bit lower,but generally it was as playable as it was before.

What I find is minimums seem to be the worst effected.

This ties in with what Digital Foundry found methinks - games which do access your drive more often will suffer more,and that is something openworld games can do more often. This is what DF basically thought and why The Witcher 3 showed the worse performance drop of all their games:

https://i.imgur.com/tUtuxbi.jpg

tUtuxbi.jpg

You can kind of see that with some testing done by other people too using Haswell and Sandy Bridge CPUs.

Co17HUs.png

Look at what game has the worst drop with a Haswell Core i5 and a RX580 - DayZ which is an open world game.

I suspect FPS games,might not be affected as much.
 
Last edited:
Defiant306 said:
...
Did I also hear that the AV companies might have already known about this for a long while, I think the register was saying that they were dipping into this memory space to 'work' their software magic and that's why some of them broke when MS patched the OSe's. Anyone able to feed into that?
Click to expand...
I believe that researchers allegedly first identified this bug in Intel CPUs early in 2017; Google then identified it and reported it to Intel and others in June / July 2017.

In October 2017, the NSA in America decided to remove Kaspersky from all Government systems - coincidence?
 
If the cpus that are being sold now claim to be for example 3.5 stock, and you have to install the patches and you get reduced performance, surely they will now have to sell them as say 3.2 or even 3.0 , and if they wont should they not have to sell them as that becuase your now not getting what you pay for ?
 
DataVampire said:
If the cpus that are being sold now claim to be for example 3.5 stock, and you have to install the patches and you get reduced performance, surely they will now have to sell them as say 3.2 or even 3.0 , and if they wont should they not have to sell them as that becuase your now not getting what you pay for ?
Click to expand...

The frequency of the chips has not changed! just how well at a given frequency they perform.
 
Exactly what I needed. Those patches will not only degrade performance of my already struggling i7 4790 but the updated microcode will actually drop my all core turbo by 200Mhz. :mad:
 
well I updated my bios to the latest GB F22d one for my z170m d3h (since I was using the old f6 bios so I could OC my 6400)..all this spectre talk I thought I better do the 'right thing' and update it...well it still says I'm vunerable to spectre even after bios update lol...fml :(
 
You must log in or register to reply here.
Back
Top Bottom