Fatto, ecco il risultato:
Spectre & Meltdown Vulnerability
and Performance Status
Vulnerable to Meltdown: NO
Vulnerable to Spectre: YES!
Performance: SLOWER
(full details below)
In early 2018 the PC industry was rocked by the revelation that common processor design features, widely used to increase the performance of modern PCs, could be abused to create critical security vulnerabilities. The industry quickly responded, and is responding, to these Meltdown and Spectre threats by updating operating systems, motherboard BIOSes and CPU firmware.
Protection from these two significant vulnerabilities requires updates to every system's hardware-its BIOS which reloads updated processor firmware-and its operating system-to use the new processor features. To further complicate matters, newer processors contain features to minimize the performance impact of these important security improvements. But older processors, lacking these newer features, will be significantly burdened and system performance will suffer under some workloads.
This InSpectre utility was designed to clarify every system's current situation so that appropriate measures can be taken to update the system's hardware and software for maximum security and performance.
This system's present situation:
* This 64-bit version of Windows has been updated for full awareness of both the Spectre and the Meltdown vulnerabilities. If the system's hardware (see below) has also been updated, this system will not be vulnerable to these attacks.
* This system's hardware has not been updated with new features required to allow its operating system to protect against the Spectre vulnerabilities and/or to minimize their impact upon the system's performance. (Protection from the Meltdown vulnerability does not require BIOS or processor updates.)
* This system's Intel processor does not provide high-performance protection from the Meltdown vulnerability. The use of Meltdown protection on this system will incur some corresponding performance penalty.
* This system's older Intel processor does not provide high-performance protection from the Meltdown vulnerability. Windows is therefore doing the best job it can to protect the system, though with a possibly significant performance penalty. You may wish to considering disabling this system's Meltdown protection until it is offered at lower system performance cost.
Due to the potential performance impact of these vulnerability protections, which may be particularly burdensome on older hardware and operating systems that cannot be updated, either one or both of these protections may be disabled with Windows registry settings. This system's "protection disable" is currently set as follows:
* The system's registry is configured to enable both of the Spectre and Meltdown protections. Within the bounds of any limitations described above, Windows will work with the system's processor to prevent the exploitation of these vulnerabilities.
Guidance & Observations
Unfortunately, this system will be open to exploitation of the Spectre vulnerability until and unless its BIOS and CPU microcode firmware are updated. You should contact the system's vender and work to obtain an updated BIOS for this system, which will bring updated firmware along as part of the process. If future solutions to the Spectre vulnerability are found, this InSpectre utility will be updated to reflect them.
When enabled and active, both of these vulnerability protections come at some cost in system performance, and Meltdown attack protection may be quite expensive on older systems or under versions of Windows where Microsoft has not bothered to implement high-speed solutions. If this system's performance is more important than security, either or both of the vulnerability protections can be disabled to obtain greater performance.
When InSpectre is run with elevated administrative privilege, each button below toggles its respective protection on or off. Any changes will take effect after the system is restarted. Each button will be disabled if its protection is not available to be changed.
For more information see GRC's InSpectre web page
Copyright © 2018 by Gibson Research Corporation
(qui dietro avevano postato un qualcosa di simile, pure un .exe)
