www.ghacks.net Open in urlscan Pro
2606:4700:20::ac43:474b Public Scan

Back to summary

URL:
https://www.ghacks.net/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/
Submission: On July 02 via manual (July 2nd 2023, 9:34:07 pm UTC) from FR — Scanned from FR

Form analysis
4 forms found in the DOM

GET https://www.ghacks.net/

<form role="search" method="get" class="search-form" action="https://www.ghacks.net/">
  <label wfd-id="97">
    <span class="screen-reader-text">Search for:</span>
    <input id="search-site" type="search" class="search-field" placeholder="Search …" value="" name="s">
  </label>
  <input type="submit" class="search-submit" value="Search">
</form>

Name: rating — POST https://www.ghacks.net/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/

<form name="rating" method="post" action="https://www.ghacks.net/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/" id="bsf-rating" onsubmit="return false;"><input type="hidden" id="bsf_rating_nonce" name="bsf_rating_nonce"
    value="6d7a957f49"><input type="hidden" name="_wp_http_referer" value="/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/"><span class="star-rating-control">
    <div class="rating-cancel"><a title="Cancel Rating"></a></div>
    <div role="text" aria-label="" class="star-rating rater-0 star star-1 star-rating-applied star-rating-live"><a title="1">1</a></div>
    <div role="text" aria-label="" class="star-rating rater-0 star star-2 star-rating-applied star-rating-live"><a title="2">2</a></div>
    <div role="text" aria-label="" class="star-rating rater-0 star star-3 star-rating-applied star-rating-live"><a title="3">3</a></div>
    <div role="text" aria-label="" class="star-rating rater-0 star star-4 star-rating-applied star-rating-live"><a title="4">4</a></div>
    <div role="text" aria-label="" class="star-rating rater-0 star star-5 star-rating-applied star-rating-live"><a title="5">5</a></div>
  </span><input type="radio" name="star-review" class="star star-1 star-rating-applied" value="1" style="display: none;"><input type="radio" name="star-review" class="star star-2 star-rating-applied" value="2" style="display: none;"><input
    type="radio" name="star-review" class="star star-3 star-rating-applied" value="3" style="display: none;"><input type="radio" name="star-review" class="star star-4 star-rating-applied" value="4" style="display: none;"><input type="radio"
    name="star-review" class="star star-5 star-rating-applied" value="5" style="display: none;"><input type="hidden" name="ip" value="2001:41d0:8:d154::5, 2001:41d0:8:d154::5"><input type="hidden" name="post_id" value="140758"></form>

POST https://www.ghacks.net/wp-comments-post.php

<form action="https://www.ghacks.net/wp-comments-post.php" method="post" id="commentform" class="kinsta-form--whitebg kinsta-form" novalidate="">
  <p class="comment-form-comment"><label for="comment">Comment</label><textarea required="required" id="comment" name="comment" cols="45" rows="8" aria-required="true"></textarea></p><input type="checkbox" name="privacy" value="privacy-key"
    class="privacyBox" aria-req="true"><span style="padding-left:6px;padding-top:3px;" class="pprivacy">Check the box to consent to your data being stored in line with the guidelines set out in our
    <a target="blank" href="https://hello.softonic.com/privacy-policy/" data-wpel-link="external" rel="nofollow external noopener noreferrer">privacy policy</a><br><br>We love comments and welcome thoughtful and civilized discussion. Rudeness and
    personal attacks will not be tolerated. Please stay on-topic.<br>Please note that your comment may not appear immediately after you post it.<br><span>
      <div class="row gutter--small mt--20 comment-fields">
        <div class="col-xs-12 col-sm-6">
          <p class="comment-form-author"><label for="author">Name</label> <input id="author" required="required" name="author" type="text" value="" size="30"></p>
        </div>
        <div class="col-xs-12 col-sm-6">
          <p class="comment-form-email"><label for="email">Email</label> <input id="email" required="required" name="email" type="email" value="" size="30"></p>
        </div>
      </div>
      <p class="comment-form-cookies-consent"><input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes"> <label for="wp-comment-cookies-consent">Save my name, email, and website in this browser for the next
          time I comment.</label></p>
      <p class="form-submit"><input name="submit" type="submit" id="submit" class="submit" value="Post Comment"> <input type="hidden" name="comment_post_ID" value="140758" id="comment_post_ID">
        <input type="hidden" name="comment_parent" id="comment_parent" value="0">
      </p>
    </span></span>
</form>

GET https://www.ghacks.net/

<form role="search" method="get" class="search-form" action="https://www.ghacks.net/">
  <label>
    <span class="screen-reader-text">Search for:</span>
    <input type="search" class="search-field" placeholder="Search …" value="" name="s">
  </label>
  <input type="submit" class="search-submit" value="Search">
</form>

Text Content

Softonic uses own and third-party cookies to show personalized content and ads
on Softonic’s properties and other sites, to provide social media features, to
create an anonymous profile based on browsing behavior (visited pages,
frequency, time) and to analyze how our services are used.

You can decide what type of cookies you accept or withdraw the consent at any
time.

With your agreement, we and our partners use cookies or similar technologies to
store, access, and process personal data like your visit on this website.

You can withdraw your consent or object to data processing based on legitimate
interest at any time by clicking on "Learn More" or in our Privacy Policy on
this website.

We and our partners do the following data processing:Display personalized ads,
Personalised ads and content, ad and content measurement, audience insights and
product development, Precise geolocation data, and identification through device
scanning, Store and/or access information on a device

Learn More →Agree and close

ghacks.net

* Home
* VPNs
* Windows
* Linux
* Software
* Firefox
* Chrome
* Internet
* Mobile Computing
* Companies
* Email
* Misc
* Deals
*

* Home
* VPNs
* Good to know
* VPN for streaming
* VPNs for gaming
* Privacy news
* VPN reviews
* Windows
* Windows 11 News
* Windows 11 Help
* Windows 10
* Windows 8
* Windows 7
* Windows tips
* Windows Update
* Linux
* Linux Mint
* Software
* Antivirus
* Backup
* Data Recovery
* Encryption
* File Sharing
* Microsoft Office
* Security
* Firefox
* Firefox add-ons
* Chrome
* Chrome Extensions
* Internet
* Brave
* Internet Explorer
* Microsoft Edge
* Opera
* Pale Moon
* Vivaldi
* Google Maps
* Search
* Mobile Computing
* Google Android
* Apps
* iOS
* Companies
* Amazon
* Apple
* Facebook
* Google
* Microsoft
* Twitter
* Yahoo
* Youtube
* Email
* Gmail
* Outlook
* Thunderbird
* Misc
* Crypto & Blockchain
* Development
* Games
* Hardware
* Music and Video
* Network
* Tutorials
* Deals

Search for:

GIBSON RELEASES INSPECTRE VULNERABILITY AND PERFORMANCE CHECKER

Martin Brinkmann
Jan 16, 2018
Updated • Jan 16, 2018
Software
|
63

InSpectre is another free program for Windows that checks for Spectre and
Meltdown patches on the system and potential performance impacts.

The application offers three core advantages over comparable solutions such as
Ashampoo's Spectre Meltdown CPU Checker:Â the program requires no Internet
connection to make the verification checks, it reveals how much of a performance
impact the patches may have on the system, and it gives admins options to
disable the protections.

INSPECTRE

The tiny program is available on the Gibson Research website. It has a size of
122 Kilobytes and does not need to be installed. The page makes no mention of
compatibility with Windows though. It ran without issues on a Windows 10 Pro
system and a Windows 7 Professional system.

InSpectre checks on start whether the system is vulnerable to Meltdown or
Spectre. It highlights that in the interface immediately and displays the
performance impact of the patches on the same screen.

Scroll down for detailed information on each of the checks and general
information on the vulnerabilities.

The program informs you whether the operating system or hardware require
updating to protect the device against attacks that target Spectre or Meltdown
vulnerabilities.

InSpectre returned the following information on a fully patched Windows 10 Pro
system:

> This 64-bit version of Windows is aware of the Meltdown but not the Spectre
> problem. Since Intel processors are vulnerable to both of these attacks, this
> system will be vulnerable to Spectre attacks until its operating system has
> been updated to handle and prevent this attack.
>
> This system's hardware has not been updated with new features required to
> allow its operating system to protect against the Spectre vulnerabilities
> and/or to minimize the impact upon the system's performance (Protection from
> the Meltdown vulnerability does not require BIOS or processor updates).

InSpectre reveals the performance impact that the patches may have on the system
besides that. It does not use benchmarks for that but grades the impact based on
the processor and operating system.

Microsoft revealed recently that Windows 10 systems are less impacted than
Windows 8.1 and Windows 7 systems in regards to performance, and that newer
processor families would see less of an impact as well.

System administrators may use InSpectre to disable the protection on devices.
The intent is to resolve performance issues on older systems. The changes are
done in the Windows Registry and described in KB4073119.

InSpectre modifies the Registry keys to enable or disable the protections.

CLOSING WORDS

InSpectre is a well designed software for Windows. The program is portable,
requires no Internet connection, and returns the patch status of the system
immediately when you run it. The program shows the potential performance impact
of these patches and gives administrators options to disable the protection on
systems besides that.

* Check Linux for Spectre or Meltdown vulnerability
* Find out if your browser is vulnerable to Spectre attacks
* Find out if your Windows PC is affected by Meltdown/Spectre vulnerabilities
* Microsoft releases out-of-band security updates to address Intel bug
* Microsoft Security Updates January 2018 release

Summary
1
2
3
4
5
Author Rating

4.5 based on 30 votes

Software Name
InSpectre

Operating System
Windows

Software Category
Security

Landing Page
https://www.grc.com/inspectre.htm

ABOUT MARTIN BRINKMANN

Martin Brinkmann is a journalist from Germany who founded Ghacks Technology News
Back in 2005. He is passionate about all things tech and knows the Internet and
computers like the back of his hand. You can follow Martin on Facebook or
Twitter, and read his weekly tech newsletter on Substack
View all posts by Martin Brinkmann →

RELATED CONTENT

PROTON PASS PASSWORD MANAGER LEAVES BETA: HERE IS OUR TAKE

MICROSOFT TEAMS VULNERABILITY DISCOVERED TO BYPASS FILE SENDING RESTRICTIONS

SOME LASTPASS USERS ARE LOCKED OUT OF THEIR ACCOUNTS AFTER TRYING TO RESET THEIR
AUTHENTICATOR APP

STABILITY AI SDXL 0.9 WILL HELP YOU GET RID OF SPAGHETTI HANDS

1PASSWORD ADDS TELEMETRY TO ITS PASSWORD MANAGER, BUT IT IS OPT-IN, SORT OF

ASUS RELEASES FIRMWARE UPDATES FOR ROUTERS TO ADDRESS CRITICAL SECURITY ISSUES

Previous Post: « Ashampoo Spectre Meltdown CPU Checker
Next Post: « Integrity Downloader for Windows: download manager with security
focus

COMMENTS

1. ilev said on January 16, 2018 at 7:53 am
Reply

Application download blocked by Kaspersky.

1. CyberTech said on January 16, 2018 at 10:19 am
Reply

Take a look at this
https://www.virustotal.com/#/url/6ef13136c7c535252f9e4e6e01e6071e6971919c53227950645517bd3d11b446/detection

2. ze7 said on January 16, 2018 at 1:00 pm
Reply

Blocked by Norton Security! Threat name: Heur.AdvML.B

1. seeprime said on January 16, 2018 at 4:29 pm
Reply

ze7: Norton is throwing a false positive. Nice job Symantec.
2. lehnerus2000 said on January 16, 2018 at 8:36 am
Reply

Thanks Martin. :)

Avast allowed me to download & run it.

InSpectre indicated that I need hardware updates.

3. Ivan said on January 16, 2018 at 9:41 am
Reply

It triggers some virus detections:
https://www.virustotal.com/en/file/f263a23494d22a05f707faf4d0f4cc147b276f255309007d5f27d000a54b5372/analysis/

But that is to be expected by software like this.

4. Dani said on January 16, 2018 at 10:04 am
Reply

Blocked by TrendMicro. Flagged as a Virus. Got me in trouble with my work’s
IT department :-(

1. ShintoPlasm said on January 16, 2018 at 10:43 am
Reply

Lol, never try these things at work… I know the pain!
5. Tom Hawack said on January 16, 2018 at 11:04 am
Reply

As expected InSpectre reveals that my OS is vulnerable to both Spectre and
Meltdown.

6. WCS.Tony said on January 16, 2018 at 11:43 am
Reply

Brilliant thanks.

I have been worried that these security fixes would slow down my old i5
laptop.
To be honest I would rather run fast with a POTENTIAL security issue than
slow without.
This little app told me that I was vulnerable (I gathered that already) but
that it should not slow down my laptop much, AND I would be able to easily
turn each fix on or off.

MICROSOFT PLEASE TAKE NOTE – user information and CHOICE.

1. Peter DP said on January 16, 2018 at 8:35 pm
Reply

@ WCS.Tony
“To be honest I would rather run fast with a POTENTIAL security issue
than slow without.”

Exactly my sentiment. Don’t forget – These security breaches are POC and
haven’t been exploited in the wild and have been present for the last 23
years
Hardly any difference between this and the hundreds of security “fixes”
by M$.
These are just to cover their a$$….

Maybe a marketing ploy to get rid of older computers and sell new CPU’s
or computers?
7. chesscanoe said on January 16, 2018 at 11:57 am
Reply

Inspectre shows I am vulnerable to Spectre, as expected from running other
tools and programs. As Steve Gibson suggests, it is a new program, so
future modifications are possible. AVG Internet Security has no problem
with Inspectre as expected. win10 x64 home.

8. someone said on January 16, 2018 at 12:16 pm
Reply

I have installed all Windows 10 updates and Intel Management Engine
Components Installer, Chipset_Drive, released 09 Jan 2018, from dell.com at
it says I am still vulnerable to Spectre! WTH?!

9. KeZa_BE said on January 16, 2018 at 12:56 pm
Reply

Xp is vulnerable…this cannot be :)

10. cbsailor said on January 16, 2018 at 2:27 pm
Reply

Blocked by Norton Security! Threat name: WS.Reputation.1

11. A different Martin said on January 16, 2018 at 3:18 pm
Reply

Thanks very much for posting this, Martin. It’s a lot easier and faster and
it provides more useful information and functionality than the PowerShell
scan you recently posted. (A couple of the computers I used the PowerShell
scan a couple of days go didn’t have the minimum necessary version of
PowerShell and I had to install Windows Management Framework 5.1 on them,
so InSpectre would have been WAY easier and faster on them.)

As other comments have suggested, there is a really good chance users will
have to temporarily disable real-time antivirus protection in order to
download, copy, or move (“install”) it, and add all of the executable’s
locations (e.g., software archive, normal “install” folder, backup folder)
to their antivirus’s exclusion list(s) in order to be able to continue
running it and prevent it any copies of it from being zapped when the next
antivirus scan happens. I had to do those things in Kaspersky.

By the way, I really appreciated Steve’s “editorializing” in the
explanation section to the effect that despite having a
Meltdown-mitigation-friendly CPU, my OS (Windows 7) doesn’t take advantage
of it, causing performance slowdowns … but that the OS (Windows 7) COULD
and SHOULD support those CPU features. Hint, hint, Microsoft. But as with
my BIOS/CPU microcode provider, I’m not holding my breath. In real life, I
haven’t run into any HUGE performance hits yet, but if and when I do, I’m
pretty sure Linux won’t hold back on kernel improvements in order to
promote Windows 10…

12. Matt.M. said on January 16, 2018 at 3:24 pm
Reply

Given how evil people can be, even those with the best intentions, how do
we know that this program is not a rouge ?
Example : It’s possible that the people whom write virus programs are the
same people whom write the program to fix it. Any of the major anti-virus
companies could be doing this.
Call it extortion for a better lack of words.

1. A different Martin said on January 16, 2018 at 5:07 pm
Reply

Steve Gibson has been around for a LONG time, and as far as I know, he
has a sterling reputation.

2. Scott said on January 16, 2018 at 8:43 pm
Reply

I can’t believe you don’t know Steve Gibson and GRC ! , do yourself a
favour and subscribe to his Security Now podcast, ( but listen to it at
1.,4 speed ) :-)

3. archie said on January 16, 2018 at 10:39 pm
Reply

I’d sooner suspect myself than Steve Gibson. And I swear I’m a good guy
…

Setting this apart, inspectre returns weird -albeit encouraging- results
on a patch’d W10 64, 5675C cpu:
– Meltdown-free
– Good performance
– Spectre in the red, as expected until Intel microcode is made public.

What I find surprising is the “Good performance” rating, on an older
(2015) cpu. Anyone else ?

1. Robert said on January 17, 2018 at 4:04 pm
Reply

Ha ha true. But Steve’s famous motto is, “Trust No One”.
13. DW said on January 16, 2018 at 3:42 pm
Reply

VTchromizer (Virus Total) gave a clean bill of health to the download page.

14. seeprime said on January 16, 2018 at 4:27 pm
Reply

Same result as the Ashampoo product, but incredibly fast. Thanks.

15. bjm said on January 16, 2018 at 5:15 pm
Reply

[..] Since Inten processors are vulnerable to both of these attacks, [..]
Intel
Same result as Ashampoo.
Thanks.

16. net said on January 16, 2018 at 8:04 pm
Reply

https://downloadcenter.intel.com/download/27150?v=t

1. Cigologic said on January 16, 2018 at 9:28 pm
Reply

@ net — The “Intel-SA-00086 Detection Tool” in your link is to check for
the Intel Management Engine (Intel ME) vulnerability that was disclosed
in Dec 2017.

It has nothing to do with the Meltdown-Spectre kernel vulnerabilities
disclosed in Jan 2018.

2. Jack E. Alexander said on January 17, 2018 at 4:58 am
Reply

Your tool, thank you very much, says I don’t have any problems. As
opposed to all of the other files that I’ve collected (mentioned below)
showing I’m partially or completely at risk. It’s a scam! False news to
force users as I said below, to buy newer equipment (cores). Thanks
again!

1. Anonymous said on January 17, 2018 at 2:41 pm
Reply

Wrong. Cigologic is correct. The SA-00086 tool is for the Intel
Management Engine flaw and has NOTHING to do with Meltdown or
Spectre. Just because your MEI is secure, doesn’t mean the CPU is.
17. Q said on January 16, 2018 at 8:59 pm
Reply

The InSpectre application does run on WIndows XP.

1. Kooopa said on January 19, 2018 at 5:48 pm
Reply

It probably runs on win 95 too.
18. seeprime said on January 16, 2018 at 9:09 pm
Reply

For anyone using Windows on a vulnerable machine, you can install Sandboxie
and greatly mitigate these out of order execution vulnerabilities by
running your web browser fully sandboxed. Note that Edge cannot be fully
sandboxed.

19. slemp said on January 16, 2018 at 10:59 pm
Reply

Just ran it on an HP Zbook 15 G3 (i7-6700HQ) on which I had updated bios
(everything else was current) and patched Windows 10 Pro.

Results: No vulnerability to Meltdown or Spectre, and Performance good.

It says that, “This system’s hardware has been updated with new features
required to allow its operating system to protect against Spectre
vulnerabilities and/or to minimize their impact upon the systems
performance.”

I’m pleasantly surprised because I understood any kind of fix for this
(especially Spectre) was a long way off).

PS: just ran Ashampoo -same results.

20. Gavin said on January 16, 2018 at 11:37 pm
Reply

Steve is aware of the false-positive A/V warnings and has updated the
website accordingly.

21. wvo said on January 16, 2018 at 11:42 pm
Reply

Another excellent utility from Steve. Very nice job Mr. Gibson and thanks
Martin for yet another to the point review. It showed my 6 years old laptop
with Intel i-5 and Windows 7 is protected but performance is compromised.
Subsequently I disabled protection, since it was already obvious my machine
is slow to start up and has problems with copy pasting files. After
applying Steve’s fix all is smooth again. Fantastic.

I am not willing to make that sacrifice yet, let’s see how things work out.
Both Waterfox and Opera have been protected by first party isolation and
strict-site isolation. If you have KB4056897 /KB4056894 installed you can’t
use the latest stable version of Sandboxie. This can be solved by
installing Sandboxie 5.23 Beta. Works like a charm.

22. Don Gateley said on January 17, 2018 at 2:08 am
Reply

What a lovely play on words InSpectre is!

23. Jack E. Alexander said on January 17, 2018 at 4:52 am
Reply

All of these little downloads to indicate whether or not one of my machines
(w8.1/10) is infectible goes into a folder called ‘Core Sh!t’. I think it’s
false news, cooked up to force users to buy newer equipment (cores) or be
vulnerable to something that is likely to not be ever used. So, what me
worry?

1. Gavin said on January 17, 2018 at 9:28 am
Reply

How edgy.
24. chesscanoe said on January 17, 2018 at 4:53 am
Reply

Inspectre Release 2 is now available from this article original link.

25. Dan said on January 17, 2018 at 7:05 am
Reply

The reason this thing is flagged as malware is this:

– It is a packed executable.
– It plays sound effect as soon as you run it.
– It doesn’t have a modern SHA-256 signature.

All three are signs of malware that triggers your antivirus software.

Other than that it’s not a virus. It was written by an old guy that still
uses Windows XP. So he is not aware of the modern world’s dangers. You’ll
be fine if you run it. :)

If you don’t trust it, then use Microsoft recommended power shell script.
Google “microsoft spectre patch”

26. Gianni said on January 17, 2018 at 10:59 am
Reply

Quoting from GRC website:

“BOGUS â€œSmartScreenâ€ WARNING

Windows Defender â€œSmartScreenâ€ appears to have decided that InSpectre
is malware. This also happened briefly after the release of our Never10
utility. In this case, it is likely due to the fact that InSpectre’s
initial release was triggering anti-virus scanners due to the program’s use
of a registry key used to enable and disable the Meltdown and Spectre
protections. This second release obscures its use of that (apparently
worrisome) key and now appears to pass through most A/V without trouble. So
this SmartScreen false alarm will hopefully disappear soon.

In the meantime, PLEASE do not get a copy of this program from any
3rd-party download site, since that one could actually be malicious.
Instead, have a friend who is using some other computer (Windows 7 has no
problem with this) grab it from here and send it to you. Since the program
is only 122k (written in assembly language) it’s feasible to eMail it.”

27. dark said on January 17, 2018 at 12:37 pm
Reply

Is it open source?

28. Heats said on January 17, 2018 at 3:19 pm
Reply

Why am I still showing vulnerable to spectre when I have patched
everything. I’ve applied all windows updates, upgraded the firmware bios on
the machine put the cat out and fed the dog… what else needs to happen to
protect against spectre?

1. Millenicide said on January 17, 2018 at 5:44 pm
Reply

I’d also like to know the answer to this as I’m in the same boat.
29. Straspey said on January 17, 2018 at 6:13 pm
Reply

Older AMD Athon – scan says I’m vulnerable to Spectre (not surprising) and
have a GOOD rating on performance.

However, at the bottom – both buttons greyed out on my scan – does anyone
have an answer to this ?

Thanks!

1. chesscanoe said on January 18, 2018 at 3:52 am
Reply

Do you still have a question after reading
https://www.grc.com/inspectre.htm
and downloading and running InSpectre Release 4?
30. chesscanoe said on January 18, 2018 at 1:16 am
Reply

I wonder if InSpectre is granular enough to detect both variants of Spectre
as defined at
https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/
.

31. dark said on January 18, 2018 at 1:43 pm
Reply

So you can disable meltdown/spectre protection with simple registry
modification on Windows? Imagine malware or hacker taking advantage of
this.

1. archie said on January 18, 2018 at 2:13 pm
Reply

Once a hostile program takes over as root -which is required to edit the
registry-, the computer is basically pwned, meltdown or not. See this as
an illustration of bad-idea-to-run-an-admin-account-all-day.

1. dark said on January 18, 2018 at 6:23 pm
Reply

99% Windows PC’s runs with root/admin privileges by default so it is
pwned the moment hostile program is executed.
A good way to protect yourself would be enabling Administrator
Account from Computer Management > Local Users and Groups >Users.
Then logging in to admin account to set password and then logging
back in to your “username” account and set it to Account Type =
Standard from Control Panel.

2. archie said on January 18, 2018 at 6:36 pm
Reply

You must mean 99% of home PCs. Hopefully corporations and even small
businesses have some form of IT guy. Those who don’t and run their
stations as admin are in a world of trouble and their survival is
obviously at stake.
32. Heats said on January 18, 2018 at 3:28 pm
Reply

does anybody know why this tool is still showing vulnerable to spectre when
my systems have been updated with every patch possible for windows and at
the bios level? appreciate any feedback

1. archie said on January 18, 2018 at 4:38 pm
Reply

Most motherboard manufacturers have yet to release patched for SPECTRE
bioses as of now. For instance, ASUS just anounced end of january for
earliest mobos. Check wether the latest BIOS for your mobo claims to
address SPECTRE.

Even if some others might already have sent their patches, I wouldn’t
update yet, anyway. No point in being the beta tester on such a
sensitive issue.

1. Heats said on January 18, 2018 at 5:32 pm
Reply

Thanks Archie
Spectre is in RED but the application reports that this is an OS
issue but as I say it has the latest OS updates and have applied
everything that Dell can offer… just wondering why the application
reports still vulnerable to spectre

2. archie said on January 18, 2018 at 6:38 pm
Reply

Can you specify cpu and OS ? MS might have skipped your particular
combo.

3. Heats said on January 19, 2018 at 3:14 pm
Reply

Thanks again Archie
Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
MS Windows 10 1607 (Build 14393.2007)

patched with Dell latest everything and MS latest everything

4. archie said on January 19, 2018 at 6:17 pm
Reply

I’m at a loss with your Windows version : mine reads 1709, build
16299.192. Not sure how that works. You could start here. Also, were
you able to check whether DELL actually posted INtel’s fix for
SPECTRE in your installed BIOS?

I’m afraid I can’t be more specific from a distance, nor am I
familiar with DELL products. You should probably contact their
customer support, as you laptop is fairly recent. Since you seem to
care about patching things, make sure to close the Intel remote
management tool, or at least change the default password. This looks
like an immediate threat.
Sorry I can’t be of more help.
2. Cigologic said on January 21, 2018 at 3:46 am
Reply

>> Heats: “does anybody know why this tool is still showing vulnerable
to spectre when my systems have been updated with every patch possible
for windows and at the bios level?”

@Heats — There is a possibility that the only genuinely effective
protection against Spectre is to replace the vulnerable CPU itself, but
many stakeholders in the IT industry are perhaps under pressure not to
say it so openly. For instance, refer to the below chain of events.

1) When the Meltdown-Spectre vulnerabilities were first disclosed, the
advisory by the US government-funded Computer Emergency Response Team
(CERT) Coordination Center, which is part of the Software Engineering
Institute based at Carnegie Mellon University, indicated that only way
to mitigate against Spectre is as follows:

“Solution: Replace CPU Hardware
The underlying vulnerability is primarily caused by CPU architecture
design choices. Fully removing the vulnerability requires replacing
vulnerable CPU hardware.”

* Archived Page (at 30% mark): https://archive.is/vDbPx

* Screenshot: https://pbs.twimg.com/media/DSra1W3VMAAwp5x.jpg
from: https://twitter.com/nicoleperlroth/status/948811287508799489

2) However, a few days later, CERT-CC quietly (& without any
explanation) deleted the portion about replacing the CPU hardware. The
advisory was changed to indicate that “operating system and some
application updates mitigate these attacks”. See below for more info.

* A government-backed group of experts quietly walked back the
suggestion you should replace your processors to fix a big security
flaw:
http://www.businessinsider.com/intel-chip-bug-cert-says-replacement-is-the-only-way-2018-1

3) Current Status: The info on the same CERT-CC advisory page is yet
again different. Users may have to read between the lines to infer what
CERT-CC is trying to say — but in a mysteriously circular manner.

* CPU hardware vulnerable to side-channel attacks
(released: 03 Jan 2018, last revised: 11 Jan 2018):
https://www.kb.cert.org/vuls/id/584653

“Solution: Apply updates
[blah blah blah …]

Consider CPU Options
While we recognize that replacing existing CPUs in already deployed
systems is not practical, organizations acquiring new systems should
evaluate their CPU selection in light of the expected longevity of this
vulnerability in available hardware, as well as the performance impacts
resulting from the various platform-specific software patches.“
33. anon said on January 21, 2018 at 8:57 am
Reply

fwiw, it’s no longer labeled as malware on virustotal

34. facih said on February 15, 2018 at 12:33 am
Reply

what is the solution if you can’t upgrade the bios?

1. Jon Ollson said on April 7, 2018 at 2:26 am
Reply

Hey, you can update your CPU with this handy program. That way you don’t
have to wait for the bios update.
https://labs.vmware.com/flings/vmware-cpu-microcode-update-driver

Download the microcode for Intel and AMD and put it into the extracted
folder, then run Install.bat as Admin. Magic.
35. Jon Ollson said on April 7, 2018 at 1:38 am
Reply

Does anyone know why it reports performance as “Slower” on Windows 7?

I tried Win 10 with the same machine and specs, and then it’s all green.

The program says:
” This system’s Intel processor provides high-performance protection from
the Meltdown vulnerability, but this version of Windows is not taking
advantage of those features to offer that protection without performance
penalties. (It could and should!) You may wish to consider disabling this
system’s Meltdown protection until it is offered at lower system
performance cost.”

Is there anyway to fix this?

1. A different Martin said on April 7, 2018 at 5:44 am
Reply

I’m pretty sure you must still be running the initial version of
InSpectre. GRC has released maybe four or five updated versions since
then (all timely picked up by SUMo), and — tragically! — that little
comment about Windows 7 — “it could and it should” — is missing from the
more recent versions.

I look after three older Windows 7 computers that have been patched for
the Meltdown vulnerability. Two of them, with 8GB RAM each, are around
eight years old, and the slowdown, while noticeable if you pay
attention, is quite tolerable. One of them is nine years old, with only
4GB of RAM, and the slowdown is a lot harder to put up with. (Sorry, but
I don’t know the CPUs and chipsets by heart.)
36. Rick said on June 17, 2018 at 5:26 am
Reply

Sorry if this is a naive question, but if malware has ways to bypass UAC,
why can’t malware potentially disable the Meltdown and/or Spectre
protections the same way InSpectre can (i.e., via the registry mods
provided by MS for this purpose)?

BTW, for me Norton is flagging a cache file that Firefox downloads along
with InSpectre, but it has no problem with the actual program file.

www.ghacks.net Open in urlscan Pro 2606:4700:20::ac43:474b Public Scan

Form analysis 4 forms found in the DOM

GET https://www.ghacks.net/

Name: rating — POST https://www.ghacks.net/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/

POST https://www.ghacks.net/wp-comments-post.php

GET https://www.ghacks.net/

Text Content

www.ghacks.net Open in urlscan Pro
2606:4700:20::ac43:474b Public Scan

Form analysis
4 forms found in the DOM