Update to Intel’s Spectre and Meltdown

After the occurrence of Spectre and Meltdown at the beginning of this year it got fairly quiet about these processor security holes. Intel’s CEO, Brian Krzanich published a post regarding the security problems Spectre and Meltdown and explains that Intel is going to continue mitigating their effects and what was already done against those exploits.

  1. Intel points out that by now there are Microcode updates for every processor that was released in the past five years.
  2. The close cooperation with providers of antivirus programs to ensure a compatibility was also mentioned.

They announced that the hardware design of their newest processors has been changed to protect them against Spectre Variant 2 and Meltdown. There is still no solution for the Variant 1 of Spectre. According to Intel these improvements create barriers through extra security walls – on one hand between running applications and on the other hand between processors with different access rights.

The first processors that will have this hardware shield – Intel talks about, inter alia, the eighth Core-I generation – will be published in the second half of 2018, said Krzanich. It’s still not sure which processor series is actually meant with this, because the “Ice Lake” processors were initially planned as the ninth generation. Perhaps there will be sort of an “in-between” generation which is called “Whiskey Lake”.

##See our first article about Spectre and Meltdown

Please enter these characters in the following text field.

The fields marked with * are required.

More on this topic

26 Jan 2018 Array ( [id] => 314 [title] => What’s new? CPU issues „Spectre“ and „Meltdown“, no more extra charges for cashless paying methods and new DIN RAIL brackets for our BRICK series [authorId] => [active] => 1 [shortDescription] => With some interesting news we’re starting the year 2018. This article concerns three topics: First of all the CPU issues called “Spectre” and “Meltdown”. Furthermore we will explain why we charge no more extra fees for cashless paying methods, and we will show you the new DIN RAIL clamps for our spo-book BRICK series. [description] =>

CPU issues “Spectre” and “Meltdown”

With the beginning of 2018 one big problem in the IT field came up: The security holes Spectre and Meltdown, which were found in processors, especially in those by Intel. Skillfully attackers, exploiting these vulnerabilities, are able to extract data that the computer processes in its memory – including passwords. We at spo-comm are dealing with the currently emerging problems and are working on their solutions with our partners.

You will find a news ticker on our website soon, where you can get the most recent information about this topic. This way you will always stay up to date! You can also learn which of our Mini-PCs are affected and how we act against these issues.

No more Surcharging: Extra costs for cashless payment are eliminated

Since January 13th it is prohibited for merchants across the EU to charge any extra fees for cashless paying methods. This so-called “Surcharging” was used when a customer paid by credit card, SEPA direct debit or bank transfer. Although not initially affected by the "Surcharging" prohibition, PayPal also changed its terms and conditions on January 9th which now stipulate that merchants are not authorized to charge extra fees when a customer wants to use the PayPal services as a paying method.

What this means for our customers is, that even though this prohibition was made for the B2C field, as of now you will no longer pay any extra charges if you want to pay via PayPal or credit card in our online shop.

New DIN RAIL clamps for our BRICK series

For our BRICK series are now new clamps for DIN RAILS available. These clamps are screwed onto a fitting VESA mount and enable therefore the installation of the Mini-PC into switch cabinets. The rails can be directly selected while configuring your Mini-PC.

[views] => 3 [displayDate] => DateTime Object ( [date] => 2018-01-26 12:45:00.000000 [timezone_type] => 3 [timezone] => Europe/Berlin ) [categoryId] => 234 [template] => [metaKeyWords] => [metaDescription] => [metaTitle] => [tags] => Array ( ) [author] => [assignedArticles] => Array ( ) [media] => Array ( [0] => Array ( [id] => 4587 [blogId] => 314 [mediaId] => 49412 [preview] => 1 [media] => Array ( [id] => 49412 [albumId] => 7 [name] => Whatsnew_18_01 [description] => [path] => media/image/Whatsnew_18_01.jpg [type] => IMAGE [extension] => jpg [userId] => 56 [created] => DateTime Object ( [date] => 2019-11-06 00:00:00.000000 [timezone_type] => 3 [timezone] => Europe/Berlin ) [fileSize] => 1026540 [width] => 3000 [height] => 2000 ) ) ) [attribute] => Array ( [id] => 311 [blogId] => 314 [attribute1] => NULL [attribute2] => [attribute3] => [attribute4] => [attribute5] => [attribute6] => [digi1Inactivateblogarticle] => 0 [digi1Sponsoredpost] => 0 [digi1Featuredpost] => 0 [digi1Hideblogdetailsite] => 0 [digi1Showleftsidebarblogdetailsite] => 0 [digi1Disablecommentfunction] => 0 [digi1Hideimageslider] => 0 [digi1Relatedblogarticle1] => 322 [digi1Relatedblogarticle2] => 318 [digi1Relatedblogarticle3] => 300 [digi1Relatedblogarticle4] => [digi1Relatedblogarticle5] => [isReference] => 0 [relatedItem] => ) [comments] => Array ( ) ) 1
know-how
What’s new? CPU issues „Spectre“ and „Meltdown“, no more extra charges for cashless paying methods and new DIN RAIL brackets for our BRICK series
With some interesting news we’re starting the year 2018. This article concerns three topics: First of all the CPU issues called “Spectre” and “Meltdown”. Furthermore we will explain why we charge no more extra fees for cashless paying methods, and we will show you the new DIN RAIL clamps for our spo-book BRICK series.
7 Feb 2018 Array ( [id] => 316 [title] => Spectre and Meltdown – News about the recent CPU problems [authorId] => [active] => 1 [shortDescription] => As we mentioned in our last ‘What’s New’ article the security breaches Spectre and Meltdown are often discussed in recent days and weeks. What happened, what it’s all about and how the spo-comm Mini-PCs are affected you can find here. [description] =>

The history of Spectre and Meltdown

Since the beginning of the year urgent news causes trouble in the IT world: the CPU problems Spectre and Meltdown. The CPUs that are affected mostly come from Intel, but also AMD and smartphone chips by Apple and Samsung. Intel was already informed about these security breaches in June 2017 but only made it public at the beginning of January 2018.

Processor bug: What is happening?

Skillfully attackers, exploiting these vulnerabilities, are able to extract data that the computer processes in its memory – including passwords. Modern CPUs count on the so called out-of-order feature. In this process commands are executed speculative and probable not used data is loaded into the cache. Due to bad speculation it is possible that these commands are not executed in the program flow. Exactly those speculations enable the attack scenarios that were discovered.

Which CPUs are affected?

Mostly Intel suffers from these security breaches. They concern for example processors from the Core generation since 2008 but also the series Intel Atom C, E, A, x3 and Z as well as the Celeron and Pentium series J and N.

You can find the official Intel website about this topic and the list of all affected Intel CPUs here.

Also Google takes informs that processors from AMD and ARM are affected. They say Android systems are concerned but they are protected with the last security update from January 2nd. Apple has already fixed some of the bugs and plans to come up with new fixes with the update 10.3.3.

Here you can find the official website from AMD.

Which measures are there against Spectre and Meltdown?

The security breaches can be fixed by using complex security patches for all operating systems. Chaos is dominating the situation right now: BIOS updates with CPU microcode updates are provided by only a few producers. Microsoft already pull back its Windows patch for older systems. Apple gives blurry explanations regarding what happens to Macs produced before 2010, on which macOS High Sierra isn’t running.

According to some sources – which were not confirmed by Intel, AMD or other producers – the security updates slow down the older (produced before 2013) and weaker processors more than modern ones. For desktop PCs, notebooks and tablets with newer CPUs and Windows 10 the performance decrease is minimal. However in case of Windows 7 PCs with older CPUs Microsoft expects significant performance losses. The most concise impacts are found in systems with Intel processors and fast SSDs (especially PCIe SSDs with NVM protocol) when not just Windows updates but also the microcode update is made.

You can find the official Microsoft website here.

Microsoft Security TechCenter

Fake BSI mails about the security updates

Caution with fake e-mails about would-be updates concerning Spectre and Meltdown. Written in the name of the BSI (The German Federal Office for Information Security) the writer warns you that your terminal device is vulnerable and wants you to make those updates. You can find an example of such an e-mail under the following link.

Affected spo-comm Mini-PCs

Together with our partners we are constantly searching for solutions and are testing them. We are planning to provide fitting updates as soon as we get reliable information from Intel or Microsoft.

These spo-books are according to the current status not affected:

•    spo-book WINDBOX II
•    spo-book WINDBOX II Plus
•    spo-book BRICK MSE45
•    spo-book BRICK NM10
•    spo-book TURO GM45
•    spo-book NOVA GM45
•    spo-book BOX NM10
•    spo-book FLUKE NM10
•    spo-book iDESK
•    spo-book MOVE NM10
•    spo-book RUGGED NM10
•    spo-book MOVE T56N
•    spo-book RUGGED T56N
•    spo-book ION 2
•    spo-book ION 3
•    spo-book POS NM10
•    spo-book POS NM10 slim
•    spo-book SQUARE 15
•    spo-book TECH 92F
•    spo-book UNO NM10
•    spo-book WINDBOX III

Regarding the Spectre and Meltdown problems spo-comm advises:

•    Constantly keep an eye on the updates from Intel, AMD and Microsoft
•    First test the updates on a test PC in the deployment scenario before installing them on live PCs
•    Test the security patches on older devices and check the performance because it can come to performance losses
•    Be careful with BSI e-mails as they can be faked


##Read our last What's New article

[views] => 2 [displayDate] => DateTime Object ( [date] => 2018-02-07 13:00:00.000000 [timezone_type] => 3 [timezone] => Europe/Berlin ) [categoryId] => 234 [template] => [metaKeyWords] => [metaDescription] => [metaTitle] => [tags] => Array ( ) [author] => [assignedArticles] => Array ( ) [media] => Array ( [0] => Array ( [id] => 4585 [blogId] => 316 [mediaId] => 60884 [preview] => 1 [media] => Array ( [id] => 60884 [albumId] => 24 [name] => Spectre_und_Meltdown_02 [description] => [path] => media/image/Spectre_und_Meltdown_02.png [type] => IMAGE [extension] => png [userId] => 56 [created] => DateTime Object ( [date] => 2019-12-04 00:00:00.000000 [timezone_type] => 3 [timezone] => Europe/Berlin ) [fileSize] => 232548 [width] => 1500 [height] => 1000 ) ) ) [attribute] => Array ( [id] => 313 [blogId] => 316 [attribute1] => NULL [attribute2] => [attribute3] => [attribute4] => [attribute5] => [attribute6] => [digi1Inactivateblogarticle] => 0 [digi1Sponsoredpost] => 0 [digi1Featuredpost] => 0 [digi1Hideblogdetailsite] => 0 [digi1Showleftsidebarblogdetailsite] => 0 [digi1Disablecommentfunction] => 0 [digi1Hideimageslider] => 0 [digi1Relatedblogarticle1] => 314 [digi1Relatedblogarticle2] => 320 [digi1Relatedblogarticle3] => 322 [digi1Relatedblogarticle4] => [digi1Relatedblogarticle5] => [isReference] => 0 [relatedItem] => ) [comments] => Array ( ) ) 1
know-how
Spectre and Meltdown – News about the recent CPU problems
As we mentioned in our last ‘What’s New’ article the security breaches Spectre and Meltdown are often discussed in recent days and weeks. What happened, what it’s all about and how the spo-comm Mini-PCs are affected you can find here.
27 Apr 2018 Array ( [id] => 326 [title] => Update to Intel’s Spectre and Meltdown – Part 2 [authorId] => [active] => 1 [shortDescription] => Owners of older PCs with Windows 10 are waiting desperately for BIOS updates. The affected CPUs need these updates to protect Windows 10 against Spectre (variant 2) – but Microsoft doesn’t provide them. As an alternative there is now an optional Windows update. [description] =>

Windows update KB4090007 for Windows 10

Hoping for BIOS updates for Intel processors from the years 2013 and 2014 has come to an end. With its latest version from the 24 April 2018  the optional Windows update KB4090007 provides not only microcode updates for Coffee Lake (Core i-8000), Kaby Lake (i-7000) and Skylake (i-6000) but also for Broadwell (i-5000) und Haswell (i-4000). The update is available for 32- and for 64-Bit versions of Windows 10 – still it can only be downloaded via the Windows Update Catalog  over an unsecured http connection. Windows 10 PCs with Intel Atom processors still need BIOS updates.

KB4090007 also has a solution for another problem: In December 2017 Microsoft has provided BIOS updates with Microcode updates for some devices but the PowerShell-Script Get-SpeculationControl still reports no BTI protection.

Meltdown patches for Windows 7

Microsoft doesn’t provide Microcode updates for Windows 7 via Windows update because in this case BIOS updates are necessary. At the end of March some major problems occurred concerning the Meltdown patches for the 64-bit versions. These problems are known as the “Total Meltdown”. Those who followed installing these patches from the beginning on, are protected against Total Meltdown.

To make sure whether you’re protected a PoC (Proof of Concept)  was published.

Source: heise

 

##Read the first part of our Spectre and Meltdown series

 

##Read the last update on spectre and Meltdown

[views] => 2 [displayDate] => DateTime Object ( [date] => 2018-04-27 12:45:00.000000 [timezone_type] => 3 [timezone] => Europe/Berlin ) [categoryId] => 234 [template] => [metaKeyWords] => [metaDescription] => [metaTitle] => [tags] => Array ( ) [author] => [assignedArticles] => Array ( ) [media] => Array ( [0] => Array ( [id] => 4584 [blogId] => 326 [mediaId] => 60884 [preview] => 1 [media] => Array ( [id] => 60884 [albumId] => 24 [name] => Spectre_und_Meltdown_02 [description] => [path] => media/image/Spectre_und_Meltdown_02.png [type] => IMAGE [extension] => png [userId] => 56 [created] => DateTime Object ( [date] => 2019-12-04 00:00:00.000000 [timezone_type] => 3 [timezone] => Europe/Berlin ) [fileSize] => 232548 [width] => 1500 [height] => 1000 ) ) ) [attribute] => Array ( [id] => 323 [blogId] => 326 [attribute1] => NULL [attribute2] => [attribute3] => [attribute4] => [attribute5] => [attribute6] => [digi1Inactivateblogarticle] => 0 [digi1Sponsoredpost] => 0 [digi1Featuredpost] => 0 [digi1Hideblogdetailsite] => 0 [digi1Showleftsidebarblogdetailsite] => 0 [digi1Disablecommentfunction] => 0 [digi1Hideimageslider] => 0 [digi1Relatedblogarticle1] => 314 [digi1Relatedblogarticle2] => 316 [digi1Relatedblogarticle3] => 322 [digi1Relatedblogarticle4] => [digi1Relatedblogarticle5] => [isReference] => 0 [relatedItem] => ) [comments] => Array ( ) ) 1
know-how
Update to Intel’s Spectre and Meltdown – Part 2
Owners of older PCs with Windows 10 are waiting desperately for BIOS updates. The affected CPUs need these updates to protect Windows 10 against Spectre (variant 2) – but Microsoft doesn’t provide them. As an alternative there is now an optional Windows update.