Ashampoo Spectre Meltdown CPU Checker
Ashampoo Spectre Meltdown CPU Checker is a free program for Microsoft Windows that reveals to you whether the processor of the Windows PC is vulnerable to Spectre or Meltdown vulnerabilities.
Spectre and Meltdown are two recently disclosed security vulnerabilities that affect many modern CPUs. The vulnerabilities affect the processors but also software that runs on the systems. Microsoft released out-of-band patches in January 2018, and so did Mozilla which patched Firefox in record time.
It is necessary to patch firmware as well, but that is only possible after Intel, AMD and other companies release updates to manufacturers. Motherboard manufacturers ASUS, Gigabyte, and MSI published updates for select motherboards already.
We reviewed programs and services in the past couple of weeks that let you determine whether your devices are vulnerable to potential attacks.
- Find out if your Windows PC is affected by Meltdown or Spectre
- Check Linux for Spectre or Meltdown vulnerability
- Find out if your browser is vulnerable to Spectre attacks
Ashampoo Spectre Meltdown CPU Checker
Spectre Meltdown CPU Checker by Ashampoo is a simple program that reveals after a short scan whether the processor is vulnerable.
All you need to do is download the 715 Kilobyte program file from the Ashampoo website and run it afterward. Ashampoo notes on the product's website that you may run it on Windows 7 and newer versions of the Microsoft Windows operating system.
Activate the "start security check" button to run the scan, and wait a couple of seconds for the scan to complete.
Note that the program needs to make outbound calls to Amazon AWS and Microsoft Azure cloud storage locations.
The application displays the result of the analysis in the interface after the scan completes. The results highlight whether the process is vulnerable, but that is all the program does.
Ashampoo's Spectre Meltdown CPU Checker is a handy program for Microsoft Windows devices to run a quick vulnerability assessment on a local PC. The results are not as detailed as those that Microsoft's PowerShell checker offer but that is not required all the time.
Thanks for the info. However the application displays the result only if you have the Windows Management Framework version 5.1 installed. Not in my intention to install any kind of Microsoft management tool however.
Ashampoo should add a test for the “new” (known since 7/2017) Intel AMT (Active Management Technology) security hole.
Imagine someone having the capability to remotely access and operate your laptop at their whim, without you being able to do anything about it. Pretty scary thought, right? Luckily this couldnâ€™t really happen â€“ magic hacker tricks capable of bypassing strong passwords, firewalls and anti-malware software only exist in the movies.
â€œThe attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individualâ€™s work laptop, despite even the most extensive security measures,â€ ..
The issue allows a local intruder to backdoor almost any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place. ..
I got (Win7) ….”Error: Could not find the Powershell Executable”.
Not tried it on Win10.
A bit put off by what Anonymous said about MS management tool…..plus, I think we have to assume all/many/most are likely vulnerable anyway.
I will do two things………..assume I am vulnerable………..and wait quite some time to see what (if any) remedial action I may take…..and not rush to install anything that is not truly worked out and tested.
Same here (no, I’m not following you, Sophie! I just happen to agree with you quite often).
Besides, I consider such a tool is pertinent for those who *have* installed Meltdown and Spectre patches since practically *all* processors on the market are vulnerable. In my case I know my processor *is* vulnerable because I’ve installed *no* Windows Update patches but *only* those inherent to a browser (Firefox 57.0.4) and my graphics driver (GeForce 390.65 Driver).
Works in progress, those of vulnerabilities, those of patches. Confusingly in progress, so to say.
@Tom, yes….absolutely….in that this tool is pertinent really only for those that have installed patches, to see if their efforts have yielded a positive outcome. For the rest of us, there’s almost complete certainty that we are affected, so running that test seems fairly pointless.
The problem is that this issue would appear to be a lot more complex than just a quick software patch, because of the nature of what has arisen, and the fact that this is essentially a low-level hardware issue – the effects of which are not really all that well addressed by software-patching alone (from what I understand).
If Google are not in a rush to update Chrome…..it has been said that the problem is not viewed as “immediately” serious as some quarters of the media would have us believe. Also, nothing has been exploited so far in the wild.
When you put all those things together, and then consider some of the Blue Screens and other issues people have had, it really makes sense to “watch this space” and do little for now. I think so anyway!
I’ve heard little about three letter “agencies” here too….NSA, etc. I would have thought that they would be very keen to exploit this issue. Of course, they have encryption in their sights, and this would be a godsend. Don’t expect them to come forwards any time soon about how this exploit might be beneficial to them! :0-)
Also, I choose not to use AV. Can anyone answer if Blue Screens might be almost inevitable if you have no AV? Reason being that if no AV….then =no prescribed Registry Key………possibly = Blue Screen?
haha! I don’t think for a moment that you are following me, and I must admit too, that our views on things often seem to chime, and I like that.
> “Also, I choose not to use AV. Can anyone answer if Blue Screens might be almost inevitable if you have no AV? Reason being that if no AVâ€¦.then =no prescribed Registry Keyâ€¦â€¦â€¦possibly = Blue Screen?”
I’ve been wondering about that as well My guess is that the Registry key is tied to a running AV considering it’s been said that the key was required only for non-updated AV definitions, which could mean that no AV means no Registry change. That’s how I see it. Nevertheless should I have opted for installing Microsoft’s patches that I would have created the registry key considering either it’s useless and won’t harm either it would prevent (possibly) a “Blue screen” …
Would be nice to have this further detailed by users who have a correlated experience.
Yes, just creating that key regardless would be the answer. Nice to have some clarification, and surprised that little seems to be said about that. It might be that the assumption is that almost all are using some form of AV, hence the emphasis has been on creating lists of compliance or lack of compliance to certain standards.
@ Sophie: Also, I choose not to use AV. Can anyone answer if Blue Screens might be almost inevitable if you have no AV? Reason being that if no AVâ€¦.then =no prescribed Registry Keyâ€¦â€¦â€¦possibly = Blue Screen?
It is not the absence/presence of the compliant registry key per se that causes/ prevents BSOD. The BSOD that may result after installing Microsoft’s Meltdown kernel patch has 2 known causes, namely:-
CAUSE 1: An incompatible installed antivirus program that makes unsupported kernel calls
— Microsoft is relying on 3rd-party antivirus vendors to create a compatible program update (that doesn’t make unsupported kernel calls) AND set the compliant registry key. The only purpose of this registry key is to signal to Windows Update that the current version of the antivirus program is safe, thus allowing Windows Update to go ahead & offer the Meltdown patch.
— As such, if your system lacks a 3rd-party installed antivirus program, there is no antivirus to make unsupported kernel calls that can cause BSOD. Likewise, your system will also lack the compliant registry key, so the Meltdown patch will not show up when you run Windows Update. If you wish for Windows Update to offer the Meltdown patch, you can manually create the registry key yourself.
— Alternatively, you can bypass Windows Update, download the Meltdown patch from Microsoft’s Update Catalog & install it manually. This is possible because the absence of the compliant registry key does NOT prevent the patch from being installed.
CAUSE 2: An older CPU model incompatible with MS’s Meltdown patch
— To date, users of older AMD & Intel CPUs released in 2008, 2009, 2010 & possibly later have reported BSODs after installing the Meltdown patch.
— For users with older CPUs, there is a possibility that installing the Meltdown patch may nevertheless result in BSOD, even when the system lacks an installed antivirus program, or when the system has a compatible antivirus & the compliant registry key.
Ashampoo Spectre Meltdown CPU Checker change the Powershell Execution Policy.
Set the Current User to bypass.
The best is SpecuCheck.
SpecuCheck not change the Powershell ExecutionPolicy.
This program also makes changes in the registry that prevent you from receiving the required updates from Microsoft.
Is that so? Would be the ultimate confusion. You mean that a tool intended to check if a system is cpu-vulnerable would at the same time modify the Registry in order to prevent patches aimed at resolving these vulnerabilities? I don’t get it, this time I’d be totally de-satellited if you say right, if I understand you right.
Unfortunately it’s so.
Take a look here: https://forum.avast.com/index.php?topic=129271.msg1441036#msg1441036 then notice my followup post which shows the change that occurred after running the program and, the correction needed to reverse that change.
OK, I’ve read the post and as I understand it the Ashampoo tool modifies Windows PowerShell’s ExecutionPolicy to “Bypass” while the standard setting should be “Undefined” or “Restricted”, but in what does this prevent the user “from receiving the required updates from Microsoft.” as you mention it above? Maybe is this obvious but as a non-techie I don’t understand the relation between the two (Powershell ExecutionPolicy and Windows Updates). If it’s too technical, obvious, please forget this comment.
Do you have a reliable source for info. like this? It just would not make sense, and would surely damage the reputation of Ashampoo…..though the [their] name is daft enough to have damaged them in my eyes already. (only joking!!) :)
The app gives me the massage: ‘ install Windows Framework Management version 5 or higher’. What is WFM please?.
I am wary though of installing it as I’m sure it is partly MS spyware.
I use W 8.1.
Windows Management Framework adds or updates certain components, for instance, Windows PowerShell, Windows Remote Management or Software Inventory Logger. See https://www.microsoft.com/en-us/download/details.aspx?id=54616 for additional information.
Ah. Thanks a bunch Martin.
Ashampoo is not the primary publisher I would trust for that. Maybe I’m prejudiced, but to me, they are more a marketing company putting so-so programs on the market with heavy-handed promotion tactics.
Yes, that’s my impression too. I think it always pays to be cautious, and not just run stuff that cannot stand up to scrutiny.
Many an OS install around the world will have been compromised by some unforeseen side effect, from something that outwardly appeared a harmless and reasonable thing to run…….only that it wasn’t!
Right on found sane mind thanks !!
I can verify that what Anonymous said about the program requiring Windows Management Framework version 5 or higher. I tried to run the program on my Windows 7 (I will NEVER, EVER own a computer with the forced update and privacy nightmare Windows 10 on it) and I got an error message saying the following: “Please install Windows Management Framework version 5 or higher and try again.” Like anonymous, installing more Microsoft (IMO) spyware isn’t in my future.
Agreed. Would never want this kind of closed-source MS possible-spyware…..for the simple chance to be able to run some software, that yields a result that is almost a fore-gone conclusion anyway.
I delete it after it failed on Win7 in my VM ….and never even wanted to run it on my Win-10 host…..and that was after VirusTotal checking it. It did come up clean though.
I’ll pass. Running Win7 with no AV, relying on my good backups.
I’ll pass. Like Tom Hawack, I’m running Win7 with no AV, relying on my every day backups.
Also, another thing is that these kind of Microsoft offerings very rarely fully describe what their true purpose in life is……….AND……..they usually just come as a small (tiny) stub installer, giving you even less idea of what its going to do to your system……and then may well require at least one reboot, and a progress bar that runs and runs…….all while you don’t know what its changing or doing.
I always prefer a proper executable to these stub installers that leave you largely in the dark……..and in fact, I have practiced something else for at least a year now……which is to install everything in my VM, and then “port” the folder structure over to where I really want to run the software, in the hope it will run as if it were actually a portable app, when its not.
This has served me well. Granted that if there are dependencies, or the need for registry keys, this might quickly fail, but I have had a terrific success rate in porting folder structures over as if they are portable apps, and running just great. This way, I know that very little has touched the Registry, and no junk is left laying around. I do this all the time now with new software, and that’s another reason to avoid stubs.
Just had a look….and there are 145 “softwares” in my “Portable Apps” folder, and I would say that 95% of those are not portable apps! They all run perfectly, leaving a very stable system, as you know that very little changes have occurred to your system while doing it this way. All you need is a spare machine, or a Virtual Machine.
“Install everything in my VM, and then â€œportâ€ the folder structure over to where I really want to run the software, in the hope it will run as if it were actually a portable app, when its not.
Whaaaat ? How can this possibly work ? I always install with Revo, and the logs always show modified registry values, often many of them.
@clairvaux – Fully understand your surprise, and it is a hit and miss affair. You simply have no idea if this will be successful. Many installs create multiple registry keys, or have dependencies….and simply won’t function if you don’t install them properly.
But I would say that clear evidence of working just fine emerges, at least for me, as a very high percentage of software I run, never was installed directly where it is run from, as described earlier, and really does work just fine.
Most recently, I installed some Canon software for a new camera, and was absolutely shocked to find it ran perfectly. I am referring to Digital Photo Professional 4. Just like so many other installs, this was installed in VM, copied over, and I’ve yet to find anything that does not work.
It’s worth a try first, as you’ve nothing to lose. I’d say that out of 145 programs in that folder, possibly around 125-130 were set up this way.
I’m reading both of your comments, Sophie and Clairvaux, and Sophie’s experience with ported installs from virtual to “classical” without the Registry keys a “classical” install would have produced (when it works : 125-130/145 is a nice score!) does mean that many Registry keys created by software installs are absolutely superfluous… but then, why do those installs produce those unnecessary keys?
@Tom – I wondered about that too…..superfluous registry keys. So I wondered if maybe a lot of these applications still create keys when they are run. They must at least need to store some information somewhere….but the hope might be that everything is a little more controlled and minimal. You also avoid bloat, extra stuff being installed…..as its usually obvious which folders to pick off that constitute the main program.
After copying a folder tree like that, I will usually uninstall the software, and see if it still runs from the copied tree. And then after that, I try it out back on the host pc, and hope for the best.
Just one example of many……CCleaner – works perfectly, and the original installer never touched my Win-10.
Also, it doesn’t mean that certain Registry values won’t be created [after the fact]. They might well be, and you’d never know. It’s just that you minimise impact of an install by porting it, and seeing if it will work as prescribed. I’ve definitely encountered things that won’t too!
Some things are bound not to work. For instance, you don’t get modified right-click menus, do you ?
On a related subject, I was wondering which was your main working environment : your host OS, or the hosted VM ?
@clairvaux – indeed, some things simply can’t work this way for very individual reasons to do with those applications. But I think I’ve got to the stage where so many installs have appeared to work in all or most regards, that it is now my ‘default’ way of installing something new. My view is…..let’s try it first that way, at least. I then roll back the VM, as if that software had never touched it, or been installed in there either.
Yes, things that create shell options, right-click, indeed, that will very likely be a problem
Main working environment? I’d probably have to say 30/70 with the 30 going to the Win-10 host, and 70 to the VM, and Office Applications, Video Editing….or anything fairly serious being on the host, with mainly browsing being on the VM (and of course, porting installs in the way I described)
Browsing on the VM, yes, it makes sense. Thank you.
@kalmly, indeed I avoid whatever AV and all those “universal anti-malware, anti-virus, surf-in-peace” machines, called so by me because of their octopus way of being installed and running. But at the same time I do have system-wide protections (else than those above mentioned) mainly composed of daily updated filtering lists (domain and addresses) and I drive as carefully as a driver with no license would. What I mean is that banning usual defenders and usually advised defenses requires a minimum of counterpart : I certainly wouldn’t advise someone starting to use networks to simply avoid those anti-x applications.
Use SpecuCheck instead. It’s open source.
Stuck at “Checking” on my machine
Windows 8.1 x64
After running SpectreMeltdownCheck as admin all I get is this (Error during the vulnerability check)
But with SpecuCheck
SpecuCheck v1.0.5 — Copyright(c) 2018 Alex Ionescu
https://ionescu007.github.io/SpecuCheck/ — @aionescu
Mitigations for CVE-2017-5754 [rogue data cache load]
[-] Kernel VA Shadowing Enabled: yes
â”œâ”€â”€â”€> with User Pages Marked Global: no
â””â”€â”€â”€> with PCID Flushing Optimization (INVPCID): yes
Mitigations for CVE-2017-5715 [branch target injection]
[-] Branch Prediction Mitigations Enabled: no
â”œâ”€â”€â”€> Disabled due to System Policy (Registry): no
â””â”€â”€â”€> Disabled due to Lack of Microcode Update: yes
[-] CPU Microcode Supports SPEC_CTRL MSR (048h): no
â””â”€â”€â”€> Windows will use IBRS (01h): no
â””â”€â”€â”€> Windows will use STIPB (02h): no
[-] CPU Microcode Supports PRED_CMD MSR (049h): no
â””â”€â”€â”€> Windows will use IBPB (01h): no
Just hope Asus update the bios for my H97i plus board..
Thanks for the article….
Now I can check my Linux side…
spectre meltdown checker error during the vulnerability check ??
Needs .net 4 installed just to check? lol