Home Mail Chat Wallpapers
Go Back   ChiefsPlanet > The Lounge > Washington DC and The Holy Land

Reply
 
Thread Tools Display Modes
Old 01-04-2018, 09:46 AM  
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 
Join Date: Sep 2000
Location: Denver
Casino cash: $13236
Patch your Systems

Hey...in the interest of community. Make sure you patch and reboot your personal systems this weekend and check frequently for the next month at least. While not easy to exploit with certain chipsets, patching your computer stuff is always a good idea.....

So you don't get robbed like the DNC.

You can read up here (not long)

https://isc.sans.edu/

https://www.engadget.com/2018/01/03/...-google-apple/

Good luck.
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Old 01-04-2018, 12:12 PM   #2
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $13236
What's above is for the Meltdown and Spectre Proc flaws.

Low risk right now...unless you click on links in emails from unknown sources and don't verify the links before you click on them.
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Old 01-04-2018, 12:18 PM   #3
dirk digler dirk digler is offline
Please squeeze
 
dirk digler's Avatar
 

Join Date: Jul 2003
Location: Clinton, MO
Casino cash: $24744
Yeah this is a bad deal and effects every CPU made since 1995 especially Intel. From my understanding though is that if your anti-virus vendor doesn't update a setting on your PC you won't get the updates from Microsoft.

The Spectre exploit won't be fixed without replacing your CPU once they manufacture new ones that have the exploit fixed. Might be years.
Posts: 54,469
dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.
  Reply With Quote
Old 01-04-2018, 12:21 PM   #4
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $13236
Quote:
Originally Posted by dirk digler View Post
Yeah this is a bad deal and effects every CPU made since 1995 especially Intel. From my understanding though is that if your anti-virus vendor doesn't update a setting on your PC you won't get the updates from Microsoft.

The Spectre exploit won't be fixed without replacing your CPU once they manufacture new ones that have the exploit fixed. Might be years.
Every company that gets breached these days that gets hulled in front of Congress should just point back at the manufacturers. It's what I would do.

Why did you get breached?

Because (insert vendor here) created a flawed product.
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Old 01-04-2018, 12:24 PM   #5
Lex Luthor Lex Luthor is offline
Triggering the Trumptards
 
Lex Luthor's Avatar
 

Join Date: Mar 2010
Casino cash: $22875
Quote:
Originally Posted by Garcia Bronco View Post
Every company that gets breached these days that gets hulled in front of Congress should just point back at the manufacturers. It's what I would do.

Why did you get breached?

Because (insert vendor here) created a flawed product.
Not sure that would be a winning defense, especially if the breach could have been prevented with some reasonable security practices by the company that was breached.
Posts: 12,681
Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.Lex Luthor is obviously part of the inner Circle.
  Reply With Quote
Old 01-04-2018, 12:24 PM   #6
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $13236
Quote:
Originally Posted by dirk digler View Post
From my understanding though is that if your anti-virus vendor doesn't update a setting on your PC you won't get the updates from Microsoft.

The Spectre exploit won't be fixed without replacing your CPU once they manufacture new ones that have the exploit fixed. Might be years.
There can be a software fix for it but it will consume more processing power.

I am not aware of AV being involved per se. You AV shouldn't inhibit MS patches unless you have it super locked down.

MS should release a browser patch today
Chrome on the 23rd
No word yet from Mozilla or Apple Safari.
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Old 01-04-2018, 12:26 PM   #7
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $13236
Quote:
Originally Posted by Lex Luthor View Post
Not sure that would be a winning defense, especially if the breach could have been prevented with some reasonable security practices by the company that was breached.
Maybe not as you say. Especially in a clear config option. I personally think their are to many options in configurations across most platforms. But it would but some amount of scrutiny on the manufacturers should the press pick it up. It also costs customers money for companies to maintain this stuff. We spend in the double digit millions each year (that includes cap and op ex)
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Old 01-04-2018, 12:29 PM   #8
dirk digler dirk digler is offline
Please squeeze
 
dirk digler's Avatar
 

Join Date: Jul 2003
Location: Clinton, MO
Casino cash: $24744
Intel knew about these vulnerabilities for months and a couple of months ago the Intel CEO sold off a large portion of his stake in the company after Google had informed the chipmaker of a significant security vulnerability in its processors.

Sounds like Equifax all over again.
Posts: 54,469
dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.
  Reply With Quote
Old 01-04-2018, 12:29 PM   #9
Donger Donger is offline
"Think BOOM!"
 
Donger's Avatar
 

Join Date: Nov 2003
Location: 33.675 N 106.475 W
Casino cash: $0
VARSITY
So this is a hardware vulnerability?
__________________
I think the young people enjoy it when I "get down," verbally, don't you?
Posts: 104,319
Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.
  Reply With Quote
Old 01-04-2018, 12:32 PM   #10
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $13236
Quote:
Originally Posted by Donger View Post
So this is a hardware vulnerability?
Yes, but there will be browser patches for defense. But if one clicks on a link to the wrong place, one's system could be compromised.
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Old 01-04-2018, 12:32 PM   #11
dirk digler dirk digler is offline
Please squeeze
 
dirk digler's Avatar
 

Join Date: Jul 2003
Location: Clinton, MO
Casino cash: $24744
Quote:
Originally Posted by Garcia Bronco View Post
There can be a software fix for it but it will consume more processing power.

I am not aware of AV being involved per se. You AV shouldn't inhibit MS patches unless you have it super locked down.

MS should release a browser patch today
Chrome on the 23rd
No word yet from Mozilla or Apple Safari.
There is no fix for Spectre. It is built into the CPU chip. The patches are for Meltdown.

As far as AV goes the vendors have to update it to put a registry key on your PC before Microsoft will allow you to install or download from Windows Update. This update could BSOD your PC.

Quote:
But the Windows updates are not compatible with many types of anti-virus software, which must be updated to work with a new registry key

Anti-virus vendors have already begun releasing updates. Kaspersky Lab, for example, issued patches for its products on Dec. 29, apparently after getting an early heads-up via the Microsoft Active Protections Program for security software providers.

But many anti-virus firms are still racing to get updates in customers' hands. "All AVs got screwed over by the accelerated timeline," says Fabian Wosar, CTO and head of the malware research lab at anti-virus software vendor Emsisoft, which makes Emsisoft Anti-Malware as well as makes the scanning engine used by Bitdefender . "We got informed about the registry key on the 2nd. Even a simple change like that takes time to go through QA and the original schedule was to have it ready by Tuesday," he says via Twitter. "We will likely release a patch today."
Posts: 54,469
dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.
  Reply With Quote
Old 01-04-2018, 12:34 PM   #12
dirk digler dirk digler is offline
Please squeeze
 
dirk digler's Avatar
 

Join Date: Jul 2003
Location: Clinton, MO
Casino cash: $24744
https://meltdownattack.com/
Posts: 54,469
dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.dirk digler is obviously part of the inner Circle.
  Reply With Quote
Old 01-04-2018, 12:35 PM   #13
Donger Donger is offline
"Think BOOM!"
 
Donger's Avatar
 

Join Date: Nov 2003
Location: 33.675 N 106.475 W
Casino cash: $0
VARSITY
Quote:
Originally Posted by Garcia Bronco View Post
Yes, but there will be browser patches for defense. But if one clicks on a link to the wrong place, one's system could be compromised.
Jesus.
__________________
I think the young people enjoy it when I "get down," verbally, don't you?
Posts: 104,319
Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.Donger is obviously part of the inner Circle.
  Reply With Quote
Old 01-04-2018, 12:36 PM   #14
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $13236
Quote:
Originally Posted by dirk digler View Post
There is no fix for Spectre. It is built into the CPU chip. The patches are for Meltdown.

As far as AV goes the vendors have to update it to put a registry key on your PC before Microsoft will allow you to install or download from Windows Update. This update could BSOD your PC.
Okay, that's good info.

I was gonna zero day patch this, but with this info I am going to have one of my people reachout to to our AV provider first. And maybe do a reg key dump with PS.
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Old 01-04-2018, 12:43 PM   #15
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $13236
Quote:
Originally Posted by Donger View Post
Jesus.
Just understand what you are clicking on be fore you do.

Hover over the link...make sure it's legit.

I recommend never clicking on links in emails.

You get something from you bank. Cool. Open up another browser and type in the URL or use your trusted book mark. Never log into something from a link in an email.
Posts: 26,278
Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.Garcia Bronco is too fat/Omaha.
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 05:58 AM.


This is a test for a client's site.
Fort Worth Texas Process Servers
Covering Arlington, Fort Worth, Grand Prairie and surrounding communities.
Tarrant County, Texas and Johnson County, Texas.
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2018, vBulletin Solutions, Inc.