Thursday, January 18, 2018

Inspectre utility to clarify Meltdown and Spectre

 I try to avoid placing links in blog posts. A security vulnerability.
 I try to avoid recommending applications or utilities.
HOWEVER
 This is one I make exception for.
Steve Gibson is a seasoned security researcher.
After Microsoft released a power shell script to give details on Meltdown and Spectre, AND disabled patches for the vulnerabilities under certain circumstances   users were unsure how to protect themselves from the sensationalism in print and video media.

https://grc.com/inspectre is an executable that adds some clarity.  When downloaded and run the executable checks for the required patches, does an analysis and performance impact, and allows you to disable one or both patches and measure performance with and without the patches.
 My recommendation is to patch and adapt to any performance impact.


 After running you can scroll the window to gain further information.

 The mitigations for meltdown and spectre will be ongoing for awhile.

 I will attempt to update the blog and Cyber Security SIG meetings with updates.

No comments:

Post a Comment