A year ago, i find about security problems in Intel processors, known as “Meltdown” (CVE-2017-5754) and “Specter” (CVE-2017-5753 and CVE-2017-5715) During this time period, Microsoft has released patches that should protect the Windows operating system from such threats.in this article i will be talk about Why disable Microsoft security patches from MeltDown and Specter.As well as what they are
Vulnerabilities identified by a number of people, including Google's Project Zero, stunned the IT (informative) community. Unfortunately, such vulnerabilities have been present in processors for over 20 years. And this means that a large number of devices have these vulnerabilities: from personal computers to web servers and probably even smartphones.
All the recommendations below come down to one thing: you need to install the latest updates for the operating system. To do this, follow these steps, depending on your operating system.
Update your packages with apt-get:
For CentOS / Fedora :
Similarly, do the following from a console with superuser privileges:
Make a full update with the command:
For windows
In the Windows operating system, you should enable the receipt of updates and wait for the patch from MicroSoft.
I discovered that performance decreased significantly on most older computers (over 5 years old) after Microsoft deployed the patch. Moreover, there's no defense against Specter weakness for many processors.
I thought it made sense to deny such protection in favor of machine speed, because there is no guaranteed protection and efficiency has dropped.
All of this, of course, refers to old computers that can hardly cope with modern tasks.
You need to run the program as administrator.
In my case (on the laptop on which I am writing this article) the protection state looked like this:
We see defective protection and poor system performance.
After disabling the patch (you need to click the "Disable Meltdown Protection" button) and restarting the computer, the performance becomes better.
If desired, protection against vulnerabilities you can be enabled back.
Also if your Protection info look like this :
then you don't have to disable the patch you device is good to go.
You must know Meltdown and Specter are hardware and not software vulnerabilities, so fixing them is not easy. Patches covering Meltdown have already been released for Linux, Windows, and MacOS. Specter Vulnerability Protection is still under development.
What is the Specter and Meltdown?
Specter and Meltdown are the names of vulnerabilities found in a number of Intel, ARM, and AMD processors that could allow hackers to access passwords, encryption keys, and other personal information from running applications.Vulnerabilities identified by a number of people, including Google's Project Zero, stunned the IT (informative) community. Unfortunately, such vulnerabilities have been present in processors for over 20 years. And this means that a large number of devices have these vulnerabilities: from personal computers to web servers and probably even smartphones.
How to fix Specter and Meltdown vulnerabilities
Before you start
Since when installing any software on a computer there is always a chance to get a completely inoperative system, do not forget to do the following:
Make a full data backup !
Check for antivirus software compatibility with updates against Specter and Meltdown
For Debian / Ubuntu:
Run the following commands in the console as a privileged user:Update your packages with apt-get:
# apt-get update && sudo apt-get dist-upgrade Reboot the computer (server) for the changes to take effect # reboot
For CentOS / Fedora :
Similarly, do the following from a console with superuser privileges:
Make a full update with the command:
# yum update Update kernel packages: # yum update "kernel *" Reboot the computer (server): # reboot
For windows
In the Windows operating system, you should enable the receipt of updates and wait for the patch from MicroSoft.
And now why disable Microsoft security patches from MeltDown and Specter
If you notice that your old computer has started to run slower, then it is possible that it is interfered with by Microsoft security patches to protect against Meltdown and Specter.I discovered that performance decreased significantly on most older computers (over 5 years old) after Microsoft deployed the patch. Moreover, there's no defense against Specter weakness for many processors.
I thought it made sense to deny such protection in favor of machine speed, because there is no guaranteed protection and efficiency has dropped.
All of this, of course, refers to old computers that can hardly cope with modern tasks.
How to check for protection from MeltDown and Specter :
If you have automatic Windows updates enabled, then most likely you have already installed protection patches from MeltDown and Specter. The easiest way to verify this is with InSpectre by Steve Gibson - https://www.grc.com/inspectre.htmYou need to run the program as administrator.
In my case (on the laptop on which I am writing this article) the protection state looked like this:
We see defective protection and poor system performance.
After disabling the patch (you need to click the "Disable Meltdown Protection" button) and restarting the computer, the performance becomes better.
If desired, protection against vulnerabilities you can be enabled back.
Also if your Protection info look like this :
then you don't have to disable the patch you device is good to go.
If you need any help feel free to ASK in the comment section.for more awesome post like this keep visiting us Jote Soft .Subscribe to this site free to get notify via email ,also check out our social media
Posts
0 Comments