Microsoft released an out of band emergency patch for a vulnerability in Windows 7 and Windows Server 2008. This was necessary after a security researcher discovered that a Meltdown-patch released i... Microsoft releases emergency patch for Windows 7
And they forgot to mention that attacker may as well flash BIOS (unless flash protected form OS), to have full list of "popular" exploits these days... ...as it seems that flashing BIOS is most important thing attacker wants to do once he has control over system.
It was a joke from my side. Writing code which works at boot time and still allows normal system operation is not that easy in limited space of BIOS flash. So it is one of last targets attacker has on list. (If it even gets to list as each MB requires different BIOS and has different kinks which may prevent system from being operational and therefore lost even to attacker himself.) Meltdown/spectre and similar are not spawning from BIOS therefore password on BIOS does not protect against them. (OS level attacks.) But in case they allow attacker to gain control over your system, you do not need BIOS-Admin-Password. You need settings preventing BIOS flashing from OS.
Has anyone even been affected by it? I haven't updated my Windows 7 since 2012 and have never had any issues.
Think ive found it, is this it ? EDIT: (Yep this is it). http://www.catalog.update.microsoft.com/Search.aspx?q=KB4100480 Applies if you have any of these ones installed. https://support.microsoft.com/en-gb/help/4100480/windows-kernel-update-for-cve-2018-1038 Info :- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-1038
Like Windows 7 era. Windows 7 are not safe and sound yet, back to XP with no updates no internet stuff. Windows 10 era. Windows 10 are spying, back to Windows 7 with some patches only not a lot of internet activity to keep it under control.
Eh, no. This reminds of old-school mainboards having jumpers to physically shut off write access to the BIOS. What happened to that? It was a good solution.
Tim Sneath,ex-Microsoft: https://medium.com/@timsneath/from-windows-to-the-cloud-89d5ae28a95f "The recent shift to the cloud has proven immensely profitable, with Microsoft stock growing to levels that seemed unfathomable just a few years ago. The shift away from the client and Windows is clearly working as a business strategy — but it’s a seismic shift for the company and its culture. If you’re an ecosystem partner of Microsoft, the lesson is clear — in the same way as Windows is no longer a core business, unless you’re focused on the cloud, you’re not a strategic partner."
Huh. I'll wait a bit to patch for this because I wanna be sure there's no issues in patching. Until April 2020.