Category: Computers, Science & Technology
Dr. Bill pontificates on all things technical!
A Really Good Explanation of Spectre and Meltdown!
Check this great three minute video from Red Hat explaining the issue!
CES 2018 – TPN – 2018-Jan-09-PM Recorded Live Report
This afternoon’s coverage from Techpodcasts Network with Todd Cochrane, Don Baine and F5
NOTE: This video is in HTML5/MP4 format, if you are using a REAL browser, you should be able to play it. If you are using a Microsoft Browser, then may we suggest Google Chrome?
CES 2018 – TPN – 2018-Jan-09-AM Recorded Live Report
This morning’s coverage from Techpodcasts Network with Todd Cochrane
NOTE: This video is in HTML5/M4V format, if you are using a REAL browser, you should be able to play it. If you are using a Microsoft Browser, then may we suggest Google Chrome?
Unintended Consequences: Microsoft Breaks Cortana Feature
When you drop services, things can happen!
Microsoft’s Cortana isn’t able to identify songs anymore
Engadget – By: Swapna Krishna – “Microsoft didn’t have much luck in the digital music realm, from the Zune to its Groove Music service. At the end of 2017, the company switched all of its existing Groove users over to Spotify and shut Groove down. But now it turns out the move came with an unforeseen complication, as reported by Neowin. Cortana, Microsoft’s smart assistant, can no longer recognize individual songs.
Previously, users could use the song identification feature by pressing Cortana’s music icon while a song was playing. But now, because Cortana doesn’t have the Groove library to check songs against, it says ‘Song unrecognized’ and informs the user that the feature has been retired. Jason Deakins, a Microsoft software engineer, discussed the issue in response to a Twitter user.
It makes sense that the lack of a music library would make the song identification feature unusable, but Neowin points out that the popular song recognition app Shazam is not available on the Windows Store. This means that Windows users no longer have a tool to identify music. It’s certainly not a great situation for anyone who used this feature regularly.”
Does YOUR Antivirus Stop the Meltdown/Spectre Patch?
Check the chart at the link below:
Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch
ZDNet – By: Liam Tung – “Antivirus firms are gradually adding support for Microsoft’s Windows patch for the Meltdown and Spectre attack methods that affect most modern CPUs.
As Microsoft warned this week, it’s not delivering its January 3 Windows security updates to customers if they’re running third-party antivirus, unless the AV is confirmed to be compatible with it.
Microsoft’s testing found some antivirus products were producing errors by making unsupported calls into Windows kernel memory, resulting in blue screen of death (BSOD) errors.
Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update.
See: 50 time-saving tips to speed your work in Microsoft Office (free PDF)
To make matters more confusing, only some antivirus vendors are actually doing both, while others require admins to set the registry key themselves, using Microsoft’s instructions. Additionally, some antivirus companies haven’t completed compatibility testing.
Microsoft hasn’t said which antivirus products are compatible beyond its own Windows Defender and Microsoft Security Essentials. However, security researcher Kevin Beaumont has created a public spreadsheet that may help IT admins prepare for installing Microsoft’s mitigations for the attack techniques that affect CPUs from Intel, AMD and Arm, albeit to differing degrees.
Trend Micro says its products Trend Micro OfficeScan, Worry-Free Business Security, and Deep Security are affected by Microsoft’s new requirement for vendors to verify compatibility with the patch. While the company has completed testing and confirmed compatibility, customers who rely on Windows Update currently need to set the registry key themselves.
It hasn’t completed compatibility testing for all its products yet because Microsoft released the patch earlier than expected, according to Trend Micro. The company had been targeting the expected Patch Tuesday on January 9 rather than January 3. As such, the company is currently working on setting the registry in its products.
Others that have confirmed compatibility but haven’t set the registry key in their products include CrowdStrike, Endgame, McAfee, and SentinalOne. Microsoft offers separate instructions for setting the registry key on Windows Server and Windows clients.
Antivirus firms that have confirmed compatibility and set the registry keys in their products include Avast, Avira, EMSI, ESET, F-Secure, Kaspersky, and Malwarebytes.
Symantec is also in this second group but some customers have reported that the Symantec Endpoint Protection (SEP) tray icon is reporting ‘multiple problems’ after applying Microsoft’s update and Symantec’s updated Erasure engine.
‘On January 4, 2018, Symantec released an updated Eraser engine to ensure compatibility with the Microsoft out-of-band update that had been released the previous day. While this engine update resolves the compatibility issues it was meant to address, some environments have reported issues with the SEP system tray icon after applying both updates,’ Symantec says in a support note.
Applying operating system updates and dealing with antivirus compatibility issues are only half the solution.
As Microsoft noted previously, mitigating Meltdown and Spectre also requires installing firmware updates from hardware vendors.
While the operating system updates address Meltdown, Spectre fixes rely on firmware updates from hardware vendors that implement microcode fixes from chip vendors. In Intel’s case, its microcode update introduces its Indirect Branch Prediction Side Channel Analysis Method.
Microsoft has released this firmware in the form of UEFI updates for the Surface Pro 3, Surface Pro 4, Surface Book, Surface Studio, Surface Pro Model 1796, Surface Laptop, Surface Pro with LTE Advanced, and Surface Book 2.
‘The updates will be available for the above devices running Windows 10 Creators Update (OS version 15063) and Windows 10 Fall Creators Update (OS version 16299). You will be able to receive these updates through Windows Update or by visiting the Microsoft Download Center,’ says Microsoft.
Google has devised its own software alternative mitigation for the microcode fix using a technique called Retpoline. This addresses one of two Spectre attacks known as ‘branch target injection’.”
HP Recalls Certain Notebook Batteries
HP has announced a recall of certain laptop batteries due to overheating issues. Batteries manufactured between December 2015 and December 2017 are affected. HP has released a statement concerning this issue saying:
“The quality and safety of all HP products is our top priority. We recently learned that batteries provided by one of our suppliers for certain notebook computers and mobile workstations present a potential safety concern. We are taking immediate action to address this issue including a voluntary recall and replacement of the batteries. This action pertains to 0.1% of the HP systems sold globally over the past two years. Customers can visit HP’s website to learn if thier batteries should be replaced. Impacted customers will have their batteries replaced free of charge and may continue safely using their device by placing the battery in safety mode and connecting to an external power source.”
Affected models of notebooks include HP ProBooks (64x G2 and G3 series, 65x G2 and G3 series), HPx360 310 G2, HP Envy m6, HP Pavilion x360, HP 11, HP ZBook (17 G3, 17 G4, and Studio G3) Mobile Workstations.
Apple Makes a Statement About Meltdown and Spectre
Apple confirmed yesterday that the Meltdown and Spectre vulnerabilities DO affect Mac OS and iOS as well as their Apple TV operating system. There are fixes coming in the near future to defend against this vulnerability, however, no official dates of been set for their release.
Again, it’s amazing how much time has gone by before vendors are acknowledging that there are security issues regarding these exploits! The key to security in the computing world is transparency of information. Don’t hide your issues, thinking that it will protect you from bad publicity. You’ll get much more respect from computer users if you’re open about the issue and actually show that you’re working to address it as quickly and efficiently as possible!
Again, I’ll let you know when announcements are made concerning the patches and release of the fix for both the Mac and PC worlds.
Ajit Pai Cancels CES Speech
FCC chairman Ajit Pai has announced that he will not be speaking at CES 2018 as he was originally scheduled, due to death threats relating to his championing the repeal of rules regarding Net Neutrality. He and his family received death threats regarding this appearance, and there had been many prior to this event as well.
I am entirely sympathetic to the danger that he and his family are in, and certainly don’t blame him for changing his plans. This does, however, point out how many people have been energized, even in this extremely negative fashion, over the issue of Net Neutrality.
It is certainly my hope that Congress will address this with new laws that will ensure true Net Neutrality in the future. Large Internet providers, like Comcast, are already creating “fast lanes” for their services and charging people for them. This is exactly what was predicted would happen if the Net Neutrality rules were scaled-back.
Meltdown and Spectre Get Ugly!
So the big security news this week was the Meltdown and Spectre attack methods that affect most modern CPUs. Since they affect the CPUs directly, this is independent of operating system.
Microsoft has released a patch on January 3, which was Wednesday, however they have announced that if you’re running a third-party antivirus that is not confirmed to be compatible with this patch, the patch will be blocked. Some antivirus products were creating unsupported calls in the Windows kernel memory which resulted in blue screens of death (BSODs) in Windows. Third-party antivirus producers are scrambling to release their own updates that will allow the Microsoft patch to work correctly without crashing the system. Unfortunately, the third-party antivirus producers not only need to support the security update; there also needs to be a Windows registry key update as well. To really mitigate this issue system administrators have to make this registry change themselves. This is really sloppy, time-consuming, and generally a hassle for system administrators! The various vendors, including Microsoft, need to address this very quickly!
My assumption is that this will be taken care of given enough time, but in the meantime we’re left in an environment with a fairly large hole in the security arena. Plus, Microsoft is not specifically announcing which third-party antivirus products do work correctly with their patch! Come on guys, transparency is best and a free flow of information in order to keep us safe on our systems!
There’s also going to be a patch for the Linux kernel that should be out fairly soon. I’ll try to stay on top of this and let you know what happens, when it happens.