Microsoft Alerts

[AplusWebMaster]

FYI...

MS Malware Protection Engine - Remote Code Execution Vuln
> https://portal.msrc.microsoft.com/en...CVE-2017-11937
12/06/2017 Critical - "... First version of the Microsoft Malware Protection Engine with this vulnerability addressed: Version 1.1.14405.2 ..."

> https://portal.msrc.microsoft.com/en...idance/summary
12/06/2017

- https://www.securitytracker.com/id/1039972
CVE Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-11937
Dec 7 2017
Impact: Execution of arbitrary code via network, Root access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 1.1.14306.0 ...
Impact: A remote user can create content that, when scanned by the target Microsoft Malware Protection Engine, will execute arbitrary code with LocalSystem privileges on the target system.
Solution: The vendor has issued a fix (1.1.14405.2)...

Microsoft Issues Fix for Microsoft Exchange Server
> https://www.securitytracker.com/id/1039973
Dec 7 2017

Microsoft Issues Fix for Microsoft Forefront Endpoint Protection
> https://www.securitytracker.com/id/1039974
Dec 7 2017

Microsoft Issues Fix for Microsoft Windows Defender
> https://www.securitytracker.com/id/1039975
Dec 7 2017

> https://support.microsoft.com/en-us/...nt-information
___

- https://www.us-cert.gov/ncas/current...tection-Engine
Dec 7, 2017

[AplusWebMaster]

FYI...

- https://blogs.technet.microsoft.com/...pdate-release/
Dec 12, 2017 - "Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."

Release Notes - December 2017 Security Updates
- https://portal.msrc.microsoft.com/en...d-000d3a32f9b6
Dec 12, 2017 - "The December security release consists of security updates for the following software:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- Microsoft Exchange Server
- ChakraCore
- Microsoft Malware Protection Engine..."

Security Update Summary
> https://portal.msrc.microsoft.com/en...urity-guidance
___

December 2017 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
Dec 12, 2017 - "... This month, there are -9- security updates and 30 non-security updates. All of the security and non-security updates are listed in KB article 4055454*.
A new version of Office 2013 Click-To-Run is available: 15.0.4989.1000
A new version of Office 2010 Click-To-Run is available: 14.0.7191.5000 ..."

* https://support.microsoft.com/en-us/...crosoft-office
Last Updated: Dec 12, 2017
___

ADV170022 | December 2017 Flash Security Update
- https://portal.msrc.microsoft.com/en...V170022#ID0EGB
12/12/2017
- https://support.microsoft.com/en-us/...cember-12-2017
___

- https://www.askwoody.com/2017/ms-def...te-turned-off/
"... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it..."
___

ghacks.net: https://www.ghacks.net/2017/12/12/mi...-2017-release/
Dec 12, 2017 - "... Executive Summary:
Microsoft released security updates for all versions of Windows the company supports (client and server).
No critical updates for Windows, but for IE and Edge.
Other Microsoft products with security updates are: Microsoft Office, Microsoft Exchange Server, Microsoft Edge and Internet Explorer.
Operating System Distribution:
Windows 7: 2 vulnerabilities of which 2 are rated important
Windows 8.1: 2 vulnerabilities of which 2 are rated important
Windows 10 version 1607: 3 vulnerabilities of which 3 are rated important
Windows 10 version 1703: 3 vulnerabilities of which 3 are rated important
Windows 10 version 1709: 3 vulnerabilities of which 3 are rated important
Windows Server products:
Windows Server 2008: 2 vulnerabilities of which 2 are rated important
Windows Server 2008 R2: 2 vulnerabilities of which 2 are rated important
Windows Server 2012 and 2012 R2: 2 vulnerabilities of which 2 are rated important
Windows Server 2016: 3 vulnerabilities of which 3 are rated important
Other Microsoft Products:
Internet Explorer 11: 13 vulnerabilities, 9 critical, 4 important
Microsoft Edge: 13 vulnerabilities, 12 critical, 1 important..."

Qualys analysis: https://blog.qualys.com/laws-of-vuln...nd-to-the-year
Dec 12, 2017 - "This December Patch Tuesday is considerably lighter than last month’s patch releases. While only three of the fixes were for Windows operating system, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine based. For an overview, we show fixes for 32 unique CVEs addressed, with 19 Critical, and 24 addressing remote code execution at varying severity levels. No active exploits are listed by Microsoft again this month. From a prioritization standpoint, again we turn our focus to the browsers and the Scripting Engine Memory Corruption Vulnerabilities. We recommend prioritizing patching for user facing workstations to address the 19 Critical Internet Explorer and Edge updates released today by Microsoft, as they are listed as “Exploitation More Likely”. There are no known exploits as of yet, but this is an opportunity to remain ahead of any future exploits that may be released.
There is one Windows OS vulnerability that should be reviewed, and that is the fix for CVE-2017-1885, which is a Remote Code Execution using RPC on systems that have RRAS enabled. Make sure you are patching systems that are using RRAS, and ensure it is not enabled on systems that do not require it, as disabling RRAS will protect against the vulnerability. For that reason it is listed as Exploitation less likely, but should get your attention after patching the browsers. Additionally, we recommend you take some time to review ADV170021, a Defense-in-Depth update that has configuration options to allow you to exert more control over DDE behaviors, in light of the recent DDE exploits that have been publicized. Note that this configuration change would be made after installing the update referenced in the advisory.
It should also be noted that on December 7, Microsoft released an out-of-band emergency patch for CVE-2017-11937 and CVE-2017-11940, which was a flaw in the Microsoft Malware Protection engine that could allow an attacker to create a specially crafted file that would be scanned by the Malware Protection engine, allowing for code execution on the endpoint. The patch was automatically ingested by the affected engines via definition updates, so no action should be required. As a precautionary measure, if you are using Microsoft’s Malware Protection engine in Defender, Security Essentials, Forefront Endpoint Protection, or the engines in Exchange 2013 or 2016, ensure that your updates are being applied automatically, and that you are on at least Version 1.1.14405.2 of the Malware Protection Engine.
From the Adobe side, there was only one Flash update, APSB17-42 listed as a “Business Logic Error”. So all in all, a rather quiet end to a busy year in vulnerabilities..."
___

- https://www.us-cert.gov/ncas/current...curity-Updates
Dec 12, 2017
___

Additional information:
- https://www.securitytracker.com/id/1039987
- https://www.securitytracker.com/id/1039989
- https://www.securitytracker.com/id/1039990
- https://www.securitytracker.com/id/1039991
- https://www.securitytracker.com/id/1039992

- https://www.securitytracker.com/id/1039993
- https://www.securitytracker.com/id/1039994
- https://www.securitytracker.com/id/1039995
- https://www.securitytracker.com/id/1039996
- https://www.securitytracker.com/id/1039997

- https://www.securitytracker.com/id/1039998

[AplusWebMaster]

FYI...

Win7 updates get bigger
... monthly security rollups for Windows 7 have almost -doubled- in size
> https://www.computerworld.com/articl...ng-bigger.html
Dec 14, 2017 - "... At the 12-update pace that Windows 7's rollups have established, the 64-bit version will weigh in at approximately 350MB by October 2018, and a year after that, as Windows 7 nears its expiration date, almost 600MB. The latter would represent a 20% boost above and beyond Mercer's target size. Likewise, the x86 edition would increase to 216MB and 374MB in 2018 and 2019, respectively, if the 12-update growth rate continues:
> https://images.idgesg.net/images/art...4368-large.jpg
... The 64-bit security-only for July was just 30MB and the 32-bit was an even smaller 19MB, compared to the same month's rollups of 194MB and 119MB. The differences in December were even starker: 900KB and 1.4MB for the 32- and 64-bit security only updates, respectively, and 125.1MB and 204.7MB for the rollups. The rollups are larger not only because they drag their past with them - each succeeding rollup includes that month's patches as well as all previous patches back to October 2016 - but because they also include non-security bug fixes. Usually, though not always, issued later in each month, the non-security updates are bundled with the security patches, adding to the size of the rollup..."

[AplusWebMaster]

FYI...

MS Store reliability improvements for Windows 10 Version 1709
- https://support.microsoft.com/en-us/...version-1709-d
Dec 15, 2017
Applies to: Windows 10 version 1709
"Summary: This update makes reliability improvements to Microsoft Store and fixes an issue that could cause app update failures and cause Microsoft Store to generate unnecessary network requests...
This update is available through Windows Update*. When you turn on automatic updating, this update will be downloaded and installed automatically..."
* https://support.microsoft.com/en-us/...ows-update-faq
___

> http://borncity.com/win/2017/12/16/w...ate-kb4058043/
2017-12-16 - "... Microsoft has released another (reliability) update KB4058043 for Windows 10 Fall Creators Update on December 15, 2017. Here are some hints for this (reliability) update... Unfortunately they don’t tell us in detail, which app update error(code) has been fixed..."
> https://i.imgur.com/MRqZGV0.jpg
___

Win10 Fall Creators Update December patch KB 4054517 fails...
... This month’s cumulative update for Win10 Fall Creators Update fails hard on many systems, with INACCESSIBLE_BOOT_DEVICE, network problems and more. Several possible culprits identified, but no definitive solution
- https://www.computerworld.com/articl...-big-time.html
Dec 18, 2017 - "Some subset of users of Windows 10 Fall Creators Update, version 1709, report persistent bugs with this month’s Patch Tuesday missive, KB 4054517. Many of those reporting problems are using recent Surface devices. Microsoft has not acknowledged any problems... doesn’t seem to explain all of the problems that people are encountering, but it may account for some. Microsoft, as usual, has not confirmed the problem and the persistent “advice” is to Reset or reinstall Windows — a process that’s been shown, time and time again, to be ineffective. No, the Windows Update Troubleshooter doesn't work either."

> https://answers.microsoft.com/en-us/...1-d5d500780963
12/12/2017

December 12, 2017—KB4054517 (OS Build 16299.125)
Applies to: Windows 10, Windows 10 version 1709
> https://support.microsoft.com/en-us/...date-kb4054517
"... Microsoft is not currently aware of any issues with this update..."

"... My mind is going. I can feel it." - HAL 2001 Space Odyssey

[AplusWebMaster]

FYI...

Windows 10 - Dec 12, 2017 — KB4054517 (OS Build 16299.125)
... Applies to: Windows 10, Windows 10 version 1709
Windows 10 Version 1709 - KB4054517 (OS Build 16299.125)
- https://support.microsoft.com/en-us/...date-kb4054517
Last Updated: Dec 20, 2017
"... Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.
Even though the update was successfully installed, Windows Update incorrectly reports that the update failed to install. To verify the installation, select the Check for Updates button to confirm that there are no additional updates available. You can also type 'About your PC' in the Search box on your taskbar to confirm that your device is using OS Build 16299.15.
Microsoft is working on a resolution and will provide an update in an upcoming release."
Also see: "Known issues in this update..."

- https://www.askwoody.com/2017/micros...lative-update/
Dec 21, 2017 - "Update on these bugs and two more — an Excel 2016 security patch bug from last month, and an Exchange Server security patch bug from this month..."

- https://www.computerworld.com/articl...-big-time.html
Dec 18, 2017

> https://www.computerworld.com/articl...b-4054517.html
Dec 21, 2017

Related:

Description of the security update for Excel 2016: November 14, 2017
> https://support.microsoft.com/en-us/...vember-14-2017
Last Updated: Dec 19, 2017
See: "Known issues..."

Microsoft Exchange: September 12, 2017
> https://support.microsoft.com/en-us/...ge-december-12
Last Updated: Dec 19, 2017
See: "Known issues..."
___

MS Dec Security Update KB4054518 breaks opening office documents
- https://www.symantec.com/connect/for...fice-documents
14 Dec 2017 - "After installation of the December KB4054518 (Monthly Rollup), opening Office documents from a encrypted fileshare is broken..."
>> https://www.symantec.com/connect/for...mment-11943651

> https://support.microsoft.com/en-us/...date-kb4054518
Applies to: Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1
Last Updated: Dec 10, 2017

[AplusWebMaster]

FYI...

Dec 12, 2017 — KB4054518 (Monthly Rollup)
Applies to: Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1
- https://support.microsoft.com/en-us/...date-kb4054518
Last Updated: Dec 10, 2017 ...
Known issues in this update: Microsoft is not currently aware of any issues with this update..."
___

Time to install MS patches -except- KB 4054517 for Win10 Fall Creators Update
... Although there are a few lingering problems, just about everybody should get this month’s patches installed now — except those of you who installed (or got forced into) the lump-of-coal Win10 version 1709
- https://www.computerworld.com/articl...rs-update.html
Dec 22, 2017 - "... If you’re running Win10 Creators Update, version 1703 (current preference), or version 1607, the Anniversary Update, and you want to stay on 1607 or 1703... As is always the case, DON’T CHECK ANYTHING THAT’S UNCHECKED. In particular, don’t be tempted to install anything marked 'Preview'...”
> https://www.askwoody.com/2017/ms-def...-version-1709/

Microsoft confirms stalled downloads, bogus errors in Win10 FCU update KB 4054517
... Microsoft just confirmed two major bugs in this month’s cumulative update for Win10 Fall Creators Update, KB 4054517 — which we described earlier this week. We also have confirmation of bugs in the November Excel 2016 patch and in this month’s Exchange Server patch
- https://www.computerworld.com/articl...b-4054517.html
Dec 21, 2017

December 12, 2017 — KB4054517 (OS Build 16299.125)
Applies to: Windows 10, Windows 10 version 1709
- https://support.microsoft.com/en-us/...date-kb4054517
Last Updated: Dec 20, 2017
"... Microsoft is working on a resolution and will provide an update in an upcoming release..."
See: "Known issues in this update..."

Windows 10, Version 1709 Has Issues
> https://windowssecrets.com/windows-s...09-has-issues/
Nov 30, 2017

... Windows 10 FCU — version 1709, build 16299, Redstone 3 — just around the corner, here are the best ways to ensure you install the update when you’re ready, -not- when Microsoft says so
- https://www.computerworld.com/articl...nstalling.html
Oct 15, 2017

Fixes or workarounds for recent Office issues
... Applies To: Excel 2016 Word 2016 Outlook 2016 PowerPoint 2016 More...
- https://support.office.com/en-us/art...d-264c6907ea75

> https://support.office.com/en-us/art...c-cd74884f292f
Last updated: December 2017

ADV170021 | Microsoft Office Defense in Depth Update
> https://portal.msrc.microsoft.com/en...sory/ADV170021
12/12/2017

Microsoft Security Advisory 4053440
Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields
> https://technet.microsoft.com/librar...d=cx-wdsi-ency
Published: November 8, 2017 | Updated: December 12, 2017
Version: 2.0

Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation
... Powerful behind-the-scenes features in Office have suddenly stepped back into the malware limelight, with an onslaught of mostly macro-less attacks starring jimmied Word, Excel and PowerPoint documents
- https://www.computerworld.com/articl...fuscation.html
Dec 19, 2017

[AplusWebMaster]

FYI...

Win10 FCU - KB4054517 (OS Build 16299.125)
Applies to: Windows 10, Windows 10 version 1709
- https://support.microsoft.com/en-us/...date-kb4054517
Last Updated: Jan 2, 2018
See: "Known issues in this update..."

> https://portal.msrc.microsoft.com/en...idance/summary

[AplusWebMaster]

FYI...

>> https://doublepulsar.com/important-i...u-a852ba0292ec
Jan 8, 2018 - "... the Microsoft knowledge base articles have had extensive edits since publishing. There’s some really important things you should know before trying to apply the patches..."
>> https://support.microsoft.com/en-us/...virus-software
Last Updated: Jan 6, 2018

- https://docs.google.com/spreadsheets...aring&sle=true
CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre) Windows antivirus patch compatibility
Last update: 8th January 2018 @20.30 GMT
___

> https://blogs.technet.microsoft.com/...pdate-release/
Jan 9, 2018 - "Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."

Release Notes - Jan 2018 Security Updates
> https://portal.msrc.microsoft.com/en...7-000d3a33cf99
Jan 09, 2018 - "The January security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
SQL Server
ChakraCore
.NET Framework
.NET Core
ASP.NET Core
Adobe Flash ..."

Known Issues:
4056890: https://support.microsoft.com/help/4056890
4056891: https://support.microsoft.com/help/4056891
4056892: https://support.microsoft.com/help/4056892
4056893: https://support.microsoft.com/help/4056893
4056888: https://support.microsoft.com/help/4056888
4056895: https://support.microsoft.com/help/4056895
4056898: https://support.microsoft.com/help/4056898
4056894: https://support.microsoft.com/help/4056894
4056897: https://support.microsoft.com/help/4056897
4056896: https://support.microsoft.com/help/4056896
4056899: https://support.microsoft.com/help/4056899

Security Updates: https://portal.msrc.microsoft.com/en...urity-guidance

Security Update Summary: https://portal.msrc.microsoft.com/en...idance/summary

January 2018 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
Jan 9, 2018 - "The January 2018 Public Update releases for Office are now available! This month, there are 36 security updates and 25 non-security updates. All of the security and non-security updates are listed in KB article 4058103*.
A new version of Office 2013 Click-To-Run is available: 15.0.4997.1000
A new version of Office 2010 Click-To-Run is available: 14.0.7193.5000"
* https://support.microsoft.com/help/4058103
___

ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities
- https://portal.msrc.microsoft.com/en...sory/ADV180002
Security Advisory
Published: 01/03/2018 | Last Updated : 01/09/2018
... Disclaimer: The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Revisions: Version / Date / Description
1.0 01/03/2018 Information published.
2.0 01/03/2018 Revised ADV180002 to announce release of SQL 2016 and 2017 updates.
3.0 01/05/2018 The following updates have been made: Revised the Affected Products table to include Windows 10 Version 1709 for x64-based Systems because the update provides mitigations for ADV180002. Corrected the security update numbers for the 2016 and 2017 SQL Server Cumulative Updates. Removed Windows Server 2012 and Windows Server 2012 (Server Core installation) from the Affected Products table because there are no mitigations available for ADV180002 for these products. Revised the Affected Products table to include Monthly Rollup updates for Windows 7 and Windows Server 2008 R2. Customers who install monthly rollups should install these updates to receive the mitigations against the vulnerabilities discussed in this advisory. In the Recommended Actions section, added information for Surface customers. Added an FAQ to explain why Windows Server 2008 and Windows Server 2012 will not receive mitigations for these vulnerabilities. Added an FAQ to explain the protection against these vulnerabilties for customers using x86 architecture.
4.0 01/09/2018 Revised the Affected Products table to include updates for the following supported editions of SQL Server because the updates provide mitigations for ADV180002: Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3 (QFE), Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 (QFE), Microsoft SQL Server 2008 for Itanium-Based Systems Service Pack 3 (QFE), Microsoft SQL Server 2008 for Itanium-Based Systems Service Pack 4 (QFE), Microsoft SQL Server 2016 for x64-based Systems, Microsoft SQL Server 2016 for x64-based Systems (CU).
___

ghacks.net:
- https://www.ghacks.net/2018/01/09/mi...-2018-release/
Jan 9, 2018

Qualys blog: https://blog.qualys.com/laws-of-vuln...-1-adobe-patch
Jan 9, 2018 - "... It is important to note that OS-level and BIOS (microcode) patches that are designed to mitigate Meltdown and Spectre may lead to performance issues. It is important to test all patches before deploying.
Some of these updates are incompatible with third-party antivirus software, and may require updating AV on workstations and servers. Microsoft has released guidance documents for both Windows clients and servers. Windows Server requires registry changes in order to implement the protections added by the patches.
Microsoft has also halted the deployment of patches for some AMD systems, as there have been issues with systems after installation.
Aside from these patches, today Microsoft has released patches covering 59 vulnerabilities. Of these vulnerabilities, 16 are ranked as “Critical,” with 20 potentially leading to remote code execution.
In today’s release there are patches for both Microsoft Word and Outlook, which should also be prioritized for workstation-type devices. Most of the patches released today are for browsers and involve the Scripting Engine. These patches should be prioritized for systems that access the internet via a browser..."
___

- https://www.us-cert.gov/ncas/current...curity-Updates
Jan 09, 2018
- https://support.microsoft.com/en-us/...january-9-2018

[AplusWebMaster]

FYI...

BIOS Updates to Patch CPU Flaws
- http://www.securityweek.com/device-m...atch-cpu-flaws
Jan 15, 2018 - "Acer, Asus, Dell, Fujitsu, HP, IBM, Lenovo, Panasonic, Toshiba and other device manufacturers have started releasing BIOS updates that should patch the recently disclosed Spectre and Meltdown vulnerabilities.
The flaws exploited by the Meltdown and Spectre attacks, tracked as CVE-2017-5715, CVE-2017-5753and CVE-2017-5754, allow malicious applications to bypass memory isolation mechanisms and access sensitive data. Billions of PCs, servers, smartphones and tablets using processors from Intel, AMD, ARM, IBM and Qualcomm are affected...
(Much more detail at the URL above.)

> https://www.sans.org/newsletters/newsbites/xx/3#1
"CPU Patches - (January 9, 10, & 11, 2018)
Some vendor patches for the Spectre and Meltdown CPU vulnerabilities have been causing problems for users. Microsoft said that systems running incompatible anti-virus products would not receive any further updates; anti-virus vendors must confirm compatibility by setting a registry key. Linux has released microcode to address the CPU problems for certain processors. Canonical had to release a new patch after Ubuntu Xenial 16.04 users reported that the first fix rendered their systems unable to boot. Google says it applied patches for the flaws last year and that they have not slowed down its cloud services.
The patches are complicated and some require steps beyond just clicking install to complete the mitigation. They are also changing rapidly as issues surface and are resolved. Test not only for stability after application but also for performance impact.
There are patches and then there are PATCHES. It is pretty clear that software/firmware PATCHES for Spectre/Meltdown are complex and will, at a minimum, have performance impact. They will require significantly more QA testing than routine monthly Microsoft vulnerability Tuesday patches, probably even more than quarterly Oracle CPU PATCHES. Spinning up production environments (with obfuscated data) on IaaS services has enabled many organizations to increase depth of patch/PATCH testing while minimizing increases in time to patch. But, shielding, mitigation and monitoring will be needed in the interim..."

- http://www.zdnet.com/article/microso...-meltdown-fix/
Jan 10, 2018

- https://www.computerworld.com/articl...hich-ones.html
Jan 11, 2018

> https://www.askwoody.com/2018/reaffi...t-ms-defcon-2/
"...Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."

[AplusWebMaster]

FYI...

GRC test utility for 'Meltdown and Spectre' vulnerabilties
- https://www.grc.com/inspectre.htm
Jan 15, 2018 - "This is the Initial Release of InSpectre - We did not wish to delay this application's release while building additional confidence in its conclusions and output. It has been carefully tested under as many different scenarios as possible. But new is new, and it is new. We may well have missed something. So please use and enjoy InSpectre now. But you may wish to check back in a few days to see whether we may have found and fixed some last bits of debris.... Protection from these two significant vulnerabilities requires updates to every system's hardware – its BIOS which reloads updated processor firmware – and its operating system – to use the new processor features. To further complicate matters, newer processors contain features to minimize the performance impact of these important security improvements. But older processors, lacking these newer features, will be significantly burdened and system performance will suffer under some workloads.
This InSpectre utility was designed to clarify every system's current situation so that appropriate measures can be taken to update the system's hardware and software for maximum security and performance."
(Download the utility from the URL above.) - Thank you, Steve!!!

... Added Jan 16, 2018: "High incidence of -false-positive- A/V warnings:
People are reporting that their 3rd-party anti-virus systems are quarantining InSpectre under the mistaken belief that it's malicious. This did not occur during early work, and is almost certainly due to the end-of-project inclusion of the protection enable/disable buttons and the presence of the registry key they use. I would rather not remove that feature... I will explore obscuring the use of that key to see whether false positive anti-virus warnings can be eliminated. At that time I will clarify some of the conflicting language the app can produce and also explain why the enable/disable buttons may be disabled (there's nothing for them to enable or disable in specific circumstances.)"
___

Windows 7 SP1 and Windows Server 2008 R2 SP1
January 4, 2018 — KB4056894 (Monthly Rollup)
Applies to: Windows Server 2008 R2 Service Pack 1Windows 7 Service Pack 1
- https://support.microsoft.com/en-us/...date-kb4056894
Last Updated: Jan 12, 2018
___

Patch Watch: Tracking Issues with the Spectre Patches on AMD Machines
> https://windowssecrets.com/windows-s...-amd-machines/
Jan 11, 2018 - "Beware, AMD chip owners. For you Windows Secrets readers who have computers with AMD inside, these Spectre/Meltdown patches are causing more issues than they are preventing. So much so that Microsoft has halted release of the updates on machines that have AMD chipsets. Some of the relevant security posts include the following:
Microsoft’s KB4073707 on the issues with AMD chip sets and how Microsoft is blocking the patches until the issue is resolved:
- https://support.microsoft.com/en-us/...-based-devices
Microsoft’s KB4073757 recapping the overall guidance:
- https://support.microsoft.com/en-us/...ectre-meltdown
Let’s recap the big picture:
> Intel CPU chips have a bug in their very architecture.
Researchers found a way for attackers to possibly steal passwords and other confidential information from our machines. As of publication, the attack has not been used in the wild. However, the potential is there and it’sreally concerning up in cloud servers as it could mean that fellow virtual servers could read information from a tenant next door.
It won’t be enough to patch for the Windows operating system, you’ll need to patch the firmware on your computer as well.
It’s not a Microsoft bug, but because everything uses CPUs, pretty much everything needs to be patched ranging from phones to firewalls. So after you get your patches for Windows, go look for updates for anything else that has a CPU included in it (I’m not kidding or overstating the issue).
A bigger concern to many will be the performance hit this “fix” will make on your system as discussed in a Microsoft blog[2].
2] https://cloudblogs.microsoft.com/mic...ndows-systems/
The older your computer the more the “hit” will be. If you have a computer that is a 2015-era PC with Haswell or older CPU – you will notice a difference.
CERT goes so far as to recommend replacing the CPU hardware in their blog post[1]. I’m not ready to go that far, but it would be wise to review how old your computer hardware is, evaluate the performance hit and plan accordingly.
1] https://web.archive.org/web/20180104...vuls/id/584653
Check That Your Antivirus Is Supported:
Because this is a kernel update, antivirus vendors who have hooked into the kernel for additional protection could trigger blue screens of death if they are not updated for the change introduced by this patch. Thus Microsoft is requiring that before the January Windows and .NET updates are installed that a registry entry is made by the vendor – or by you if your vendor doesn’t provide the registry key in an update – before the January updates are installed.
Make sure you review the antivirus listing page that is tracking all of the antivirus vendors and when they plan to support these January updates. If your vendor doesn’t support these updates, it’s time to find a new vendor...
Make sure you review the antivirus listing page*** that is tracking all of the antivirus vendors and when they plan to support these January updates. If your vendor doesn’t support these updates, it’s time to find a new vendor...
*** https://docs.google.com/spreadsheets...lview?sle=true

Protect your Windows devices against Spectre and Meltdown
Applies to: Windows 10, Windows 10 Mobile, Windows 8.1, Windows 7, HoloLens, Windows Server 2016, Windows Server 2012 Standard, Windows Server 2012 R2 Standard, Windows Server 2008 R2 Standard
> https://support.microsoft.com/en-us/...ectre-meltdown
Last Updated: Jan 10, 2018