My PC Is Protected Against Spectre, But NOT Meltdown?! Can Anyone Help?

[Kjennings92]

Well, the title pretty much states it- my system IS protected against the Spectre bug(s), but NOT completely against the Meltdown bug(s). I should mention that it's my custom-pc that I built a year ago. (Other things to know: I stay on top of BIOS/firmware/driver/software/Windows Updates, etc. The pc is running Windows 10 Pro version 2004. Now that I mention it, I recently updated my BIOS to the latest version. And given all that I know about computers --I just don't know everything-- I don't quite understand how I'm not completely protected against Meltdown.) 

 

For checking my pc, I have used 2 different methods with similar results from what I can tell. The only thing I haven't mastered is interpreting the results. Method #1 is via the InSpectre tool. I have heard that it's supposed to do a good job at checking & all that, but I'm really unsure of exactly how accurate it is. Method #2 is by running a Powershell script which is shown how in this link: https://www.howtogeek.com/338801/how-to-check-if-your-pc-is-protected-against-meltdown-and-spectre/ Results for both methods are included below in the form of screenshots. Also, for anyone who is curious, these are the specs for my build: https://pcpartpicker.com/list/D96g6R

 

 

I hope that someone here can help me out with this. Also, if any of you happen to have questions for me or need more details, just ask & I'll be sure to get back with you! Thanks in advance! :) 

[Teddy07]

Why bother?

An attacker that bypassed your security can do way worse than abuse bugs and that even easier. 

[dizmo]

I'm pretty sure it doesn't even matter. Doesn't the user need to have physical access to the system for either bug to be much of an issue?

[Kjennings92]

1 minute ago, Teddy07 said:

Why bother?

An attacker that bypassed your security can do way worse than abuse bugs and that even easier. 

Look, I get it. It might seem rather silly to bother, but think of it this way: would you rather your pc actually have protection or just not bother & later be screwed?  Try to understand my point: I just want the best protection I can get. 

[Kjennings92]

2 minutes ago, dizmo said:

I'm pretty sure it doesn't even matter. Doesn't the user need to have physical access to the system for either bug to be much of an issue?

I don't know. Surely I'm not the only 1 here who likes to have things patched up & good to go... BTW, I would appreciate helpful responses & not ones that will criticize me.

[dilpickle]

This is normal for old hardware. My system gave the same results. There is nothing you can do other than buy new hardware. Its not worth worrying about.

[jaslion]

You've pretty much done everything to protect yourself as good as possible against the problems. The patches for both spectre and meltdown are well mere patches they do not fix the issue rather try to avoid it.

 

Then again by the time someone can actually use these they'd have to have physical access to the sytem and by then it's so much easier to do a heap of other things.

[Bombastinator]

The “spec” in specter is for speculative execution. If you’ve got a machine that runs speculative execution (which is the only kind they have made for a very long time) you’re vulnerable to specter or one of its variants.  There are things in specter and meltdown to make them a bit less terrifying to the home user though.  They’re sniffer programs and they’re slow.  The side load attacks these things do are difficult to implement, and they’re basically listening devices.  They can steal key codes which can then be used to open the system. They’re slow, expensive to apply, and just generally take a lot of work.   Someone needs a good reason to even bother.   Being a gigantic multinational corporation worth billions or a National government are of course great reasons.

[Kjennings92]

1 minute ago, dilpickle said:

This is normal for old hardware. My system gave the same results. There is nothing you can do other than buy new hardware. Its not worth worrying about.

Well, my hardware isn't really that old if you bothered to look at my parts list. 

[dilpickle]

Just now, Kjennings92 said:

Well, my hardware isn't really that old if you bothered to look at my parts list. 

I did look at your spec list. You should try being a little less snarky when you are asking for help. Your mobo and CPU are from 2018 right when these exploits were first discovered.

[Kjennings92]

1 minute ago, jaslion said:

You've pretty much done everything to protect yourself as good as possible against the problems. The patches for both spectre and meltdown are well mere patches they do not fix the issue rather try to avoid it.

 

Then again by the time someone can actually use these they'd have to have physical access to the sytem and by then it's so much easier to do a heap of other things.

I'm not so sure. Yeah, they're supposed to be patches which are supposed to "fix" the issue(s). And I forgot to mention this in the description of my post, but I did call Asus directly just the other day to be sure I knew my stuff & discussed the whole thing with them. From what they told me, it looks like a few BIOS updates later with microcode updates might further help with this, but I don't really know as I never had a job in IT. That's what I gathered from what they told me.  I guess we'll have to see...

[Kjennings92]

4 minutes ago, Bombastinator said:

The “spec” in specter is for speculative execution. If you’ve got a machine that runs speculative execution (which is the only kind they have made for a very long time) you’re vulnerable to specter or one of its variants. 

Right. But I didn't mention Spectre; it's Meltdown.

[dizmo]

13 minutes ago, Kjennings92 said:

I don't know. Surely I'm not the only 1 here who likes to have things patched up & good to go... BTW, I would appreciate helpful responses & not ones that will criticize me.

How on earth would you take that as criticism??

If the person needs physical access to the computer, then I'd assume you'd be more concerned about them being inside your house, not going through your PC.

[Bombastinator]

3 minutes ago, Kjennings92 said:

I'm not so sure. Yeah, they're supposed to be patches which are supposed to "fix" the issue(s). And I forgot to mention this in the description of my post, but I did call Asus directly just the other day to be sure I knew my stuff & discussed the whole thing with them. From what they told me, it looks like a few BIOS updates later with microcode updates might further help with this, but I don't really know as I never had a job in IT. That's what I gathered from what they told me.  I guess we'll have to see...

They’re not patches, they’re mitigations, so they don’t fix it they just make it harder to do.

[Bombastinator]

6 minutes ago, Kjennings92 said:

Right. But I didn't mention Spectre; it's Meltdown.

You did.  You just thought you were safe.  You’re not.  The problem is various versions of these attacks keep coming out and each seems to affect more types of systems than the last.

[Kjennings92]

9 minutes ago, dilpickle said:

I did look at your spec list. You should try being a little less snarky when you are asking for help. Your mobo and CPU are from 2018 right when these exploits were first discovered.

I wasn't exactly being snarky; i just don't like people who bash others. And besides, at least I didn't go with a Z370 mobo over a Z390 one. Z390 just seemed like a better choice to me.

Edited September 26, 2020 by Kjennings92

[Biomecanoid]

5 minutes ago, Kjennings92 said:

I'm not so sure. Yeah, they're supposed to be patches which are supposed to "fix" the issue(s). And I forgot to mention this in the description of my post, but I did call Asus directly just the other day to be sure I knew my stuff & discussed the whole thing with them. From what they told me, it looks like a few BIOS updates later with microcode updates might further help with this, but I don't really know as I never had a job in IT. That's what I gathered from what they told me.  I guess we'll have to see...

NOTHING to lose sleep over, it just triggers you OCD , forget it and move on, your PC will be fine. Its more likely for your PC to be damaged from bad power coming from the wall outlet than from the bugs you mention.

[Kjennings92]

5 minutes ago, dizmo said:

How on earth would you take that as criticism??

If the person needs physical access to the computer, then I'd assume you'd be more concerned about them being inside your house, not going through your PC.

Hey, at least people don't break into other's houses around where I live. Try to lighten up!

[Kilrah]

Both my 9th gen and 10th gen systems with up to date BIOSes say the same. Funnily enough my old 5960X reports all green.

 

As mentioned just forget about it, nothing you can do but ignore it, and if you're going to worry about that there would be thousands of things you should be even more worried about...

[Kjennings92]

2 minutes ago, Biomecanoid said:

NOTHING to lose sleep over, it just triggers you OCD , forget it and move on, your PC will be fine. Its more likely for your PC to be damaged from bad power coming from the wall outlet than from the bugs you mention.

Who knows maybe there is a little bit of OCD at hand here, & I probably might be fine. But TBH, I'm not concerned about power surges coming from the wall & damaging my setup. My biggest weakness is I'm a bit of a perfectionist. But I guess if I have to, I could probably let something as small as this go even though it's important to me.

[Kjennings92]

1 minute ago, Kilrah said:

Both my 9th gen and 10th gen systems with up to date BIOSes say the same. Funnily enough my old 5960X reports all green.

 

As mentioned just forget about it, nothing you can do but ignore it, and if you're going to worry about that there would be thousands of things you should be even more worried about...

Yeah, but I'm not. So obviously I don't know everything.

[Biomecanoid]

8 minutes ago, Kjennings92 said:

Who knows maybe there is a little bit of OCD at hand here, & I probably might be fine. But TBH, I'm not concerned about power surges coming from the wall & damaging my setup. My biggest weakness is I'm a bit of a perfectionist. But I guess if I have to, I could probably let something as small as this go even though it's important to me.

There are a lot more things way more serious that the bugs you worry about. Also if people looked at your setup under the microscope lets say i am sure they would find more faults with it than your OCD and perfectionism can handle.

[Kjennings92]

2 minutes ago, Biomecanoid said:

There are a lot more things way more serious that the bugs you worry about. Also if people looked at your setup under the microscope lets say i am sure they would find more faults with it than your OCD and perfectionism can handle.

Whatever.  Well, if that's it, then I guess I'm done.

[Oshino Shinobu]

Meltdown is mostly mitigated by operating system patches, while Spectre requires the updated microcode from Intel/AMD. If you're on 2004, you already have the required KBs installed. I'd imagine the tool isn't 100% accurate, I wouldn't worry. 

 

AFAIK, there's no active Meltdown or Spectre exploits in the wild as of yet. 

 

EDIT: Also, the performance issues with the combination of Spectre microcode patches and Windows patches was fixed a while ago when Intel improved the fix and the registry entry from the initial mitigation was flipped to disable once the Microcode was updated. 

[akio123008]

What you have to understand is that these attacks are extremely rare (if not hypothetical) because they are immensely complicated to actually carry out in the real world. No one would ever use this way to get into your computer. 

 

It's like having a door lock that's perfectly secure, but that can be opened by like 1 single guy in the whole world, and only when it's exactly 15.893 degrees celcius. The risk formed by the window next to it is a billion times greater.

 

You also have to realise that the mitigation that you're looking for has a negative effect on the computer's performance, meaning you're basically sacrificing performance for no reason at all.