Intel makes Spectre fixes for Intel Kaby and Coffee Lake available

Published by

Click here to post a comment for Intel makes Spectre fixes for Intel Kaby and Coffee Lake available on our message forum
#5521716
data/avatar/default/avatar25.webp
Updated mb bios with the new microcode, got 20-40% performance drop in aida64 cpu tests. Rolled back to the previous bios. I prefer better performance more than these bloated exploit fixes.
#5521721
https://forums.guru3d.com/data/avatars/m/166/166706.jpg
I am still waiting for Skylake fix
#5521726
data/avatar/default/avatar36.webp
People freak way too much with OS security. It's like a vampire: won't come in (mostly) if you don't invite. Just be careful with what you download and visit - even use a portable secure browser if you must go to some dark corner of the internet. Also use an adblock extension and you're golden.
#5521754
https://forums.guru3d.com/data/avatars/m/246/246171.jpg
Phill-7:

Updated mb bios with the new microcode, got 20-40% performance drop in aida64 cpu tests. Rolled back to the previous bios. I prefer better performance more than these bloated exploit fixes.
You didn't lose performance due to bloat (microcode isn't that big). You lost performance because your hardware is no longer properly doing execution prediction like it used to. I wouldn't keep my hopes up that future patches are going to be better.
aka2k:

People freak way too much with OS security. It's like a vampire: won't come in (mostly) if you don't invite. Just be careful with what you download and visit - even use a portable secure browser if you must go to some dark corner of the internet. Also use an adblock extension and you're golden.
I think in most cases you're right, but from what I recall, these security flaws can be exploited remotely, and, can be exploited un-detected.
#5521777
https://forums.guru3d.com/data/avatars/m/271/271560.jpg
D3M1G0D:

Then you should reapply the fix. Security should always trump performance. Always.
agreed, tho to be honest i was waiting on the learned feedback from you guys before applying fix to my i7-7700
#5521793
data/avatar/default/avatar24.webp
D3M1G0D:

Then you should reapply the fix. Security should always trump performance. Always.
tunejunky:

agreed, tho to be honest i was waiting on the learned feedback from you guys before applying fix to my i7-7700
I am sure you overestimate the risks in this case. As far as I know the exploits are very hard to be used on remote machine, and the hacking tools development based on them is very complicated. Maybe only corporate users should be worried. I don\t think anybody would burn hundreds of hours on development just to hack somebody's not VIP personal machine.
#5521838
data/avatar/default/avatar23.webp
Raider0001:

I am still waiting for Skylake fix
Skylake already got a fix in the first batch. And Skylake-X was added in this round. So whichever Skylake you got, you should be covered!
#5521861
https://forums.guru3d.com/data/avatars/m/175/175902.jpg
D3M1G0D:

You could say the same about virtually every single exploit. "Who's going to bother hacking my little PC when there are big corporate users out there?" By that reasoning, regular consumers shouldn't ever bother with security patches. Also, by leaving your PC vulnerable you pose a potential threat to other devices that you are connected to (like herd immunity, it only works if everyone does it). As I said, security always trumps performance. No exceptions.
It has always been more easy to hack "not important small PC" than big company. On big company you can hit the jackpot... but most of the time you get nothing. On other hand with just easy plishing (you know, the hack where the "fail"used is the user lol) on thousand of computer you can earn ****Euro by month... If you really want to go on the bad way... wich one would you chose to target? So imagine with real "fail" in the system...
#5521904
data/avatar/default/avatar35.webp
Phill-7:

I am sure you overestimate the risks in this case. As far as I know the exploits are very hard to be used on remote machine, and the hacking tools development based on them is very complicated. Maybe only corporate users should be worried. I don\t think anybody would burn hundreds of hours on development just to hack somebody's not VIP personal machine.
Spectre 2 harrd to exploit on Ryzen perhaps, but there was some days ago reported around 140+ Spectre&Metdown exploits/viruses in wild just during January if I remember correctly.
#5521985
https://forums.guru3d.com/data/avatars/m/270/270041.jpg
No new updates showing for coffee lake right now, I assume the last one fixed it. Currently using Asus hero X bio version 1003. Unless a new one is meant to come?
#5521988
https://forums.guru3d.com/data/avatars/m/166/166706.jpg
nevcairiel:

Skylake already got a fix in the first batch. And Skylake-X was added in this round. So whichever Skylake you got, you should be covered!
Well no, Meltdown was fixed by Windows update but the motherboard wasn't updated by MSI for the Spectre, I think MSI did not apply it because of lack of stability
#5522253
https://forums.guru3d.com/data/avatars/m/258/258664.jpg
slyphnier:

i kinda curious why u guys care much about the this spectre and meltdown as personal user i mean like it been published, the hole are only allow hacker spying on your rig, but they cant do anything whatsoever i know some of you might concern about password etc. ... but again if you are hacker do u targeting personal user? say even u got/hacked someone pc, doesnt mean u getting their sensitive data either... well if i am hacker, i wont waste time like that... plus its not easy to bypass/remote from network, without specific program making those program undetectable by antimalware/antivirus proggram will another things that hacker need to be done well if the patch available and stable (not effecting performance etc.) of course i will install it but otherwise, for me personally, i dont care much about the spectre+meltdown hole
Given your logic you never have to worry about IT security as a home user.
#5522260
https://forums.guru3d.com/data/avatars/m/239/239175.jpg
slyphnier:

i kinda curious why u guys care much about the this spectre and meltdown as personal user i mean like it been published, the hole are only allow hacker spying on your rig, but they cant do anything whatsoever
So if I get your credit card info or your bank account logins, I can't do anything whatsoever? Wanna bet? 😛 Also, these exploits can serve as a middle step to enable other exploits.