Microsoft releases emergency patch for Windows 7

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Apr 2, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    43,808
    Likes Received:
    10,953
    GPU:
    AMD | NVIDIA
    Microsoft released an out of band emergency patch for a vulnerability in Windows 7 and Windows Server 2008. This was necessary after a security researcher discovered that a Meltdown-patch released i...

    Microsoft releases emergency patch for Windows 7
     
  2. Fox2232

    Fox2232 Ancient Guru

    Messages:
    11,809
    Likes Received:
    3,369
    GPU:
    6900XT+AW@240Hz
    And they forgot to mention that attacker may as well flash BIOS (unless flash protected form OS), to have full list of "popular" exploits these days...
    ...as it seems that flashing BIOS is most important thing attacker wants to do once he has control over system.
     
  3. Picolete

    Picolete Master Guru

    Messages:
    356
    Likes Received:
    115
    GPU:
    R9 290 Sapphire Tri-x
    If I secure my BIOS with a password, shouldn't i be secure from some of this exploits?
     
  4. Fox2232

    Fox2232 Ancient Guru

    Messages:
    11,809
    Likes Received:
    3,369
    GPU:
    6900XT+AW@240Hz
    It was a joke from my side. Writing code which works at boot time and still allows normal system operation is not that easy in limited space of BIOS flash. So it is one of last targets attacker has on list. (If it even gets to list as each MB requires different BIOS and has different kinks which may prevent system from being operational and therefore lost even to attacker himself.)

    Meltdown/spectre and similar are not spawning from BIOS therefore password on BIOS does not protect against them. (OS level attacks.)
    But in case they allow attacker to gain control over your system, you do not need BIOS-Admin-Password. You need settings preventing BIOS flashing from OS.
     

  5. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,766
    Likes Received:
    732
    GPU:
    MSI 2070S X-Trio
    Link to the patch in the catalog ?
     
  6. vonSternberg

    vonSternberg Member Guru

    Messages:
    162
    Likes Received:
    52
    GPU:
    RX 560D
    Has anyone even been affected by it? I haven't updated my Windows 7 since 2012 and have never had any issues.
     
  7. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,766
    Likes Received:
    732
    GPU:
    MSI 2070S X-Trio
  8. glutto

    glutto Master Guru

    Messages:
    598
    Likes Received:
    27
    GPU:
    RX 580 8GB
    Such a tiny little patch.
     
    Rich_Guy likes this.
  9. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,766
    Likes Received:
    732
    GPU:
    MSI 2070S X-Trio
    Yep, all 22mb of it! :D
     
  10. TheDeeGee

    TheDeeGee Ancient Guru

    Messages:
    7,851
    Likes Received:
    1,893
    GPU:
    NVIDIA GTX 1070 8GB
    No updates since 2012 means you're perfectly safe.
     
    RealNC and warlord like this.

  11. chronek

    chronek Member Guru

    Messages:
    184
    Likes Received:
    3
    GPU:
    Geforce 980 GTX 4GB gddr5
    It was not a bug, it was a feature.. They released backdoor update
     
    warlord likes this.
  12. warlord

    warlord Ancient Guru

    Messages:
    2,761
    Likes Received:
    927
    GPU:
    Null
    Like Windows 7 era. Windows 7 are not safe and sound yet, back to XP with no updates no internet stuff. Windows 10 era. Windows 10 are spying, back to Windows 7 with some patches only not a lot of internet activity to keep it under control.
     
  13. RealNC

    RealNC Ancient Guru

    Messages:
    3,669
    Likes Received:
    1,865
    GPU:
    EVGA GTX 980 Ti FTW
    Eh, no.

    This reminds of old-school mainboards having jumpers to physically shut off write access to the BIOS. What happened to that? It was a good solution.
     
  14. Turanis

    Turanis Ancient Guru

    Messages:
    1,780
    Likes Received:
    489
    GPU:
    Gigabyte RX500
    Tim Sneath,ex-Microsoft:
    https://medium.com/@timsneath/from-windows-to-the-cloud-89d5ae28a95f

    "The recent shift to the cloud has proven immensely profitable, with Microsoft stock growing to levels that seemed unfathomable just a few years ago.
    The shift away from the client and Windows is clearly working as a business strategy — but it’s a seismic shift for the company and its culture.

    If you’re an ecosystem partner of Microsoft, the lesson is clear — in the same way as Windows is no longer a core business, unless you’re focused on the cloud, you’re not a strategic partner."
     
  15. jaggerwild

    jaggerwild Master Guru

    Messages:
    845
    Likes Received:
    312
    GPU:
    EVGA RTX 2070 SUP
    So Windows 7 is still supported?
     

  16. Lebon30

    Lebon30 Member Guru

    Messages:
    125
    Likes Received:
    65
    GPU:
    EVGA RTX 3070Ti 8GB
    Huh. I'll wait a bit to patch for this because I wanna be sure there's no issues in patching.

    Until April 2020.
     
    jaggerwild likes this.

Share This Page