Intel CPUs have design and security flaw

plague311 said:
If a company is running Windows XP then they deserve to get hit with it. We handle IT for about 70 companies, and I can think of precisely 1 XP machine. That 1 machine runs an archaic program for one of the county drivers license programs. We've fought with them for ages to get rid of it, but what can you do? However, that computer doesn't have a monitor, and it's protected by a few different NSA's.

Seriously though, if you're running Windows XP you should really get your **** together. It's been sunset for years, and if you're running an application that requires such an old OS I would either pressure the people that make the app to get it together, or find a different application that's up to date.
Click to expand...

I know a company that runs XP, simply because upgrading the hardware it controls is simply not an option (CNC lathes and mills etc- each machine costing over 1/4 million bucks to replace), they also have several 98se machine still in use for the same reason

I have mentioned before that because XP is still a stable and reliable OS and in many cases where software needs compliance testing before it can be used, it is still the norm in many industrial applications (I know of one particular program used in the mining industry that they began approval for their new program in Vista- and before they could actually get it accredited, Vista had gone the way of the dodo, as had win7...)

So in the real world, there will always be older O/S's in operation, in some cases for literally decades until the machinery they control is retired-(why programmers dont simply ignore the whole windows debarcle and stick with writing software in a decent language I dont know)
:duck:
 
plague311 said:
If a company is running Windows XP then they deserve to get hit with it.
Click to expand...

Well, I run XP on my photo kiosks and their server, because nothing beyond XP will run on them, and even if it did, the Kiosk Software is not compatible. Replacing them will involve an investment of tens of thousands of dollars in new hardware and propitiatory software, and frankly, its just not worth it.

1. They have NO software running on them other that the Whitech Kiosk software, so the state of the OP is almost as per a fresh install. I have a "fresh install" backup (using Macrium Reflect) for every Kiosk, so if there is a problem with a Kiosk, I don't even bother troubleshooting, I just format the C: drive and restore from the appropriate backup.... in 60 minutes I'm back on the air again.

2. The interface between customer/user and kiosk is via a turnkey solution, the user never interacts directly with the OS.

3. Running programs from removable drives is hardware disabled within the removable drive reader, which is also write disabled, so in the unlikely event that a virus somehow gets onto a kiosk, it cannot move itself to the customer USB stick or memory card.

I've been operating this way for over 10 years and, other than the occasional BSOD or crapped out HDD, I've never had a problem. Replace/Restore has always fixed it.

All my other computers run Win 10 on an ASUS B150M-A
 
The Norseman said:
In fact, this is the prime argument for running XP on a VM on an actual secure OS.
Click to expand...

That's a strategy I use for some ancient code but you have to disbale network access to avoid some of the un-patched problems. Not allowing the network is no longer a big deal since most places either have turned off, or soon will be via Microsoft updates, the old and insecure SMB v1 protocol that XP requires.
 
There have been some problems with Microsoft's update for AMD chips today. Some machines have been freezing (BSOD) after the security update. MS has stopped the update until things are ironed out for the AMD units.
 
William Parcher said:
There have been some problems with Microsoft's update for AMD chips today. Some machines have been freezing (BSOD) after the security update. MS has stopped the update until things are ironed out for the AMD units.
Click to expand...

The official notice:
https://support.microsoft.com/en-us...urity-update-block-for-some-amd-based-devices
Microsoft has received reports of some AMD devices getting into an unbootable state after installation of recent Windows operating system security updates. After investigating, Microsoft determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown.
Click to expand...

Oops, I bet some engineer(s) at AMD are getting chewed out for not properly verifying the accuracy of the documentation before sending it to Microsoft.
 
And where does that leave AMD's original claims that their chips weren't vulnerable? Have they backpedaled that?
 
Decreased performance, BSOD, I wonder how many hundreds of thousands of work hours have been lost due to this failed update.

And the number of work hours lost to the vulnerability itself... that'll be zero.

I select and apply patches once a year (an option taken away in Win 10 where updates are forced upon the user who then has to deal with the fallout). Never had a virus or malware, never will have.
 
Trebuchet said:
Because Microsoft, of course, would NEVER create and use undocumented functions in their OS....
Click to expand...

AMD is not denying that the documents they provided recently so that Microsoft could create this fix were in error. Without at least a denial from AMD trying to spin this as Microsoft's fault is extremely dishonorable.
 
RecoveringYuppy said:
And where does that leave AMD's original claims that their chips weren't vulnerable? Have they backpedaled that?
Click to expand...

AMD never did that. They accurately said they were vulnerable to Type 1 Spectre, somewhat vulnerable to Type 2 Spectre, and not vulnerable to Meltdown. These patches from Microsoft are dealing with Type 1 Spectre and Meltdown, so you would expect AMD to be involved.
 
a_unique_person said:
Nothing to do with the chips not being vulnerable. The patch is not the Virus.
Click to expand...
This makes no sense.

Fizil said:
AMD never did that. They accurately said they were vulnerable to Type 1 Spectre, somewhat vulnerable to Type 2 Spectre, and not vulnerable to Meltdown. These patches from Microsoft are dealing with Type 1 Spectre and Meltdown, so you would expect AMD to be involved.
Click to expand...

I posted a link that said that AMD did do that. Could have been wrong though, it was early in the news cycle. Can you post a link?

ETA: New link is unnecessary. The story I linked to earlier is updated and agrees with what you said and what I earlier insinuated about AMD chips.
 
Last edited:
smartcooky said:
How are they going to fix the unbootable computers?
Click to expand...

When they say it is unbootable, they probably mean the OS won't fully load the system into a working state, not that you can't turn on the machine. The most likely issue is the operating system trying to apply a microcode update to the CPU, and that microcode not operating properly due to bad specifications from AMD. However, the microcode update doesn't overwrite the CPU microcode. That microcode is stored in ROM which the CPU loads when you power the system on. However the CPU also contains a bit of RAM, which the BIOS or Operating System can write to where the CPU will look for patches to it's existing microcode, and apply it.

The solution if the system won't boot would be to use something like a system restore to roll back the Windows to it's pre-patch state. The system would then boot properly.
 
Computers old enough to be running XP most likely don't have processors that do speculative execution and therefore they're not vulnerable to the Spectre/Meltdown flaw.
 
ceptimus said:
Computers old enough to be running XP most likely don't have processors that do speculative execution and therefore they're not vulnerable to the Spectre/Meltdown flaw.
Click to expand...
There are reports saying that it may effect CPUs as old as 20 years.
 
Fizil said:
When they say it is unbootable, they probably mean the OS won't fully load the system into a working state, not that you can't turn on the machine. The most likely issue is the operating system trying to apply a microcode update to the CPU, and that microcode not operating properly due to bad specifications from AMD. However, the microcode update doesn't overwrite the CPU microcode. That microcode is stored in ROM which the CPU loads when you power the system on. However the CPU also contains a bit of RAM, which the BIOS or Operating System can write to where the CPU will look for patches to it's existing microcode, and apply it.

The solution if the system won't boot would be to use something like a system restore to roll back the Windows to it's pre-patch state. The system would then boot properly.
Click to expand...

The problem with Win 10, of course, is that unless MS pulls the patch, restoring will make little difference because the machine will re-apply the patch later in the day and the whole process will start over. I understand that MS reacted reasonably quickly in this instance but who's to say that will happen next time? I recall a couple of years ago MS issued a patch that made my primary software package totally inoperable. I was on Win 7 so I simply rolled back the patch, but if that had happened on Win 10 I would have been totally **********, as it took MS months to fix the patch.
 
You must log in or register to reply here.

Back
Top Bottom