[mtr]

See also https://lihkg.com/thread/518045/page/1


https://hardware.slashdot.org/story/18/ ... rage-users


... The tech blogosphere lit up yesterday afternoon after reports of a critical bug in modern Intel processors has the potential to seriously impact systems running Windows, Linux and macOS.

The alleged bug is so severe that it cannot be corrected with a microcode update, and instead, OS manufacturers are being forced to address the issue with software updates, which in some instances requires a redesign of the kernel software.

Some early performance benchmarks have even suggested that patches to fix the bug could result in a performance hit of as much as 30 percent. Since reports on the issues of exploded over the past 24 hours, Intel is looking to cut through the noise and tell its side of the story.

The details of the exploit and software/firmware updates to address the matter at hand were scheduled to go live next week. However, Intel says that it is speaking out early to combat "inaccurate media reports."

Intel acknowledges that the exploit has "the potential to improperly gather sensitive data from computing devices that are operating as designed." The company further goes on state that "these exploits do not have the potential to corrupt, modify or delete data."

The company goes on to state that the "average computer user" will be negligibly affected by any software fixes, and that any negative performance outcomes "will be mitigated over time."

In a classic case of trying to point fingers at everyone else, Intel says that "many different vendors' processors" are vulnerable to these exploits.

[mtr]

睇黎個人電腦，特別是筆電的補鑊 patch 無咁快出到，而家幾位龍頭大佬先同使用 intel CPU 的雲端 server 補左鑊先。

http://www.pingwest.com/wire/intel-1995 ... cos-linux/

英特尔芯片被曝两个漏洞：1995年之后Windows、MacOS和Linux都受影响

... 有许多云服务使用英特尔服务器，它们也会受到影响，正因如此，亚马逊、微软、Google已经行动起来，给云服务打补丁，按计划中断服务，防止攻击者窃取数据，攻击者可能会在相同的共享云服务器上窃取其它数据。

[peterso]

[mtr]

Latest info on related security patch :

Win 10 : security patch just released

2018-01 適用於 x64 系統 Windows 10 Version 1709 的累積更新 (KB4056892)

Mac: Update NOW to High Sierra 10.13.2
Linux: Update NOW
Android: Update NOW to latest security update (2018-01-05 or after)

See also

https://unwire.hk/2018/01/04/updatestoc ... ch-secure/

[mtr]

http://mashable.com/2018/01/04/google-c ... -meltdown/

用 chrome browser 請

1) 更新 browser
2) 在輸入網址欄打 "chrome://flags/#enable-site-per-process"
3) 你應該見到有行字 "Strict site isolation" 變做黃底黑字
4) 緊記下圖紅框部分一定要係 "啟用" 或 "enabled"
5) 重啟你的 chrome browser

你可能會覺得用 chrome browser 瀏覽網頁會比以前慢左少少，但小弟唔覺。

[kirintea]

http://mashable.com/2018/01/04/google-c ... -meltdown/

用 chrome browser 請

1) 更新 browser
2) 在輸入網址欄打 "chrome://flags/#enable-site-per-process"
3) 你應該見到有行字 "Strict site isolation" 變做黃底黑字
4) 緊記下圖紅框部分一定要係 "啟用" 或 "enabled"
5) 重啟你的 chrome browser

你可能會覺得用 chrome browser 瀏覽網頁會比以前慢左少少，但小弟唔覺。

要按 "啟用" 或 "enabled"

[Sman]

Window users just simply choose autoupdate


Meltdown can be fixed but Spectre