Ashampoo Spectre Meltdown CPU Checker

Martin Brinkmann
Jan 15, 2018
Software
|
40

Ashampoo Spectre Meltdown CPU Checker is a free program for Microsoft Windows that reveals to you whether the processor of the Windows PC is vulnerable to Spectre or Meltdown vulnerabilities.

Spectre and Meltdown are two recently disclosed security vulnerabilities that affect many modern CPUs. The vulnerabilities affect the processors but also software that runs on the systems. Microsoft released out-of-band patches in January 2018, and so did Mozilla which patched Firefox in record time.

It is necessary to patch firmware as well, but that is only possible after Intel, AMD and other companies release updates to manufacturers. Motherboard manufacturers ASUS, Gigabyte, and MSI published updates for select motherboards already.

We reviewed programs and services in the past couple of weeks that let you determine whether your devices are vulnerable to potential attacks.

Ashampoo Spectre Meltdown CPU Checker

Spectre Meltdown CPU Checker

Spectre Meltdown CPU Checker by Ashampoo is a simple program that reveals after a short scan whether the processor is vulnerable.

All you need to do is download the 715 Kilobyte program file from the Ashampoo website and run it afterward. Ashampoo notes on the product's website that you may run it on Windows 7 and newer versions of the Microsoft Windows operating system.

Activate the "start security check" button to run the scan, and wait a couple of seconds for the scan to complete.

Note that the program needs to make outbound calls to Amazon AWS and Microsoft Azure cloud storage locations.

The application displays the result of the analysis in the interface after the scan completes. The results highlight whether the process is vulnerable, but that is all the program does.

Closing Words

Ashampoo's Spectre Meltdown CPU Checker is a handy program for Microsoft Windows devices to run a quick vulnerability assessment on a local PC. The results are not as detailed as those that Microsoft's PowerShell checker offer but that is not required all the time.

Summary
software image
Author Rating
1star1star1stargraygray
3.5 based on 6 votes
Software Name
Ashampoo Spectre Meltdown CPU Checker
Operating System
Windows
Software Category
Security
Landing Page
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Justin said on June 14, 2018 at 5:56 pm
    Reply

    Needs .net 4 installed just to check? lol

  2. shayne said on January 19, 2018 at 12:41 am
    Reply

    spectre meltdown checker error during the vulnerability check ??

    Regards

  3. KoO said on January 18, 2018 at 3:03 am
    Reply

    Windows 8.1 x64
    Installed
    Win8.1AndW2K12R2-KB3191564-x64
    windows8.1-kb4056568-x64_e93e9e9d52d36bc209a0376e926b6e53c657ef3b
    windows8.1-kb4056898-v2-x64_754f420c1d505f4666437d06ac97175109631bf2

    After running SpectreMeltdownCheck as admin all I get is this (Error during the vulnerability check)

    But with SpecuCheck

    C:\>SpecuCheck.exe
    SpecuCheck v1.0.5 — Copyright(c) 2018 Alex Ionescu
    https://ionescu007.github.io/SpecuCheck/ — @aionescu
    ——————————————————-

    Mitigations for CVE-2017-5754 [rogue data cache load]
    ——————————————————-
    [-] Kernel VA Shadowing Enabled: yes
    ├───> with User Pages Marked Global: no
    └───> with PCID Flushing Optimization (INVPCID): yes

    Mitigations for CVE-2017-5715 [branch target injection]
    ——————————————————-
    [-] Branch Prediction Mitigations Enabled: no
    ├───> Disabled due to System Policy (Registry): no
    └───> Disabled due to Lack of Microcode Update: yes
    [-] CPU Microcode Supports SPEC_CTRL MSR (048h): no
    └───> Windows will use IBRS (01h): no
    └───> Windows will use STIPB (02h): no
    [-] CPU Microcode Supports PRED_CMD MSR (049h): no
    └───> Windows will use IBPB (01h): no

    Just hope Asus update the bios for my H97i plus board..

    Thanks for the article….

    Now I can check my Linux side…

  4. Nik said on January 16, 2018 at 3:13 am
    Reply

    Stuck at “Checking” on my machine

  5. dark said on January 16, 2018 at 1:27 am
    Reply

    Use SpecuCheck instead. It’s open source.

  6. kalmly said on January 15, 2018 at 3:48 pm
    Reply

    I’ll pass. Like Tom Hawack, I’m running Win7 with no AV, relying on my every day backups.

    1. Tom Hawack said on January 15, 2018 at 4:19 pm
      Reply

      @kalmly, indeed I avoid whatever AV and all those “universal anti-malware, anti-virus, surf-in-peace” machines, called so by me because of their octopus way of being installed and running. But at the same time I do have system-wide protections (else than those above mentioned) mainly composed of daily updated filtering lists (domain and addresses) and I drive as carefully as a driver with no license would. What I mean is that banning usual defenders and usually advised defenses requires a minimum of counterpart : I certainly wouldn’t advise someone starting to use networks to simply avoid those anti-x applications.

    2. Sophie said on January 15, 2018 at 3:59 pm
      Reply

      Also, another thing is that these kind of Microsoft offerings very rarely fully describe what their true purpose in life is……….AND……..they usually just come as a small (tiny) stub installer, giving you even less idea of what its going to do to your system……and then may well require at least one reboot, and a progress bar that runs and runs…….all while you don’t know what its changing or doing.

      I always prefer a proper executable to these stub installers that leave you largely in the dark……..and in fact, I have practiced something else for at least a year now……which is to install everything in my VM, and then “port” the folder structure over to where I really want to run the software, in the hope it will run as if it were actually a portable app, when its not.

      This has served me well. Granted that if there are dependencies, or the need for registry keys, this might quickly fail, but I have had a terrific success rate in porting folder structures over as if they are portable apps, and running just great. This way, I know that very little has touched the Registry, and no junk is left laying around. I do this all the time now with new software, and that’s another reason to avoid stubs.

      1. Clairvaux said on January 15, 2018 at 5:08 pm
        Reply

        “Install everything in my VM, and then “port” the folder structure over to where I really want to run the software, in the hope it will run as if it were actually a portable app, when its not.

        Whaaaat ? How can this possibly work ? I always install with Revo, and the logs always show modified registry values, often many of them.

      2. Sophie said on January 15, 2018 at 5:54 pm
        Reply

        Also, it doesn’t mean that certain Registry values won’t be created [after the fact]. They might well be, and you’d never know. It’s just that you minimise impact of an install by porting it, and seeing if it will work as prescribed. I’ve definitely encountered things that won’t too!

      3. Clairvaux said on January 15, 2018 at 9:58 pm
        Reply

        @ Sophie

        Some things are bound not to work. For instance, you don’t get modified right-click menus, do you ?

        On a related subject, I was wondering which was your main working environment : your host OS, or the hosted VM ?

      4. Sophie said on January 16, 2018 at 8:59 am
        Reply

        @clairvaux – indeed, some things simply can’t work this way for very individual reasons to do with those applications. But I think I’ve got to the stage where so many installs have appeared to work in all or most regards, that it is now my ‘default’ way of installing something new. My view is…..let’s try it first that way, at least. I then roll back the VM, as if that software had never touched it, or been installed in there either.

        Yes, things that create shell options, right-click, indeed, that will very likely be a problem

        Main working environment? I’d probably have to say 30/70 with the 30 going to the Win-10 host, and 70 to the VM, and Office Applications, Video Editing….or anything fairly serious being on the host, with mainly browsing being on the VM (and of course, porting installs in the way I described)

      5. Clairvaux said on January 16, 2018 at 1:50 pm
        Reply

        Browsing on the VM, yes, it makes sense. Thank you.

      6. Sophie said on January 15, 2018 at 5:52 pm
        Reply

        @clairvaux – Fully understand your surprise, and it is a hit and miss affair. You simply have no idea if this will be successful. Many installs create multiple registry keys, or have dependencies….and simply won’t function if you don’t install them properly.

        But I would say that clear evidence of working just fine emerges, at least for me, as a very high percentage of software I run, never was installed directly where it is run from, as described earlier, and really does work just fine.

        Most recently, I installed some Canon software for a new camera, and was absolutely shocked to find it ran perfectly. I am referring to Digital Photo Professional 4. Just like so many other installs, this was installed in VM, copied over, and I’ve yet to find anything that does not work.

        It’s worth a try first, as you’ve nothing to lose. I’d say that out of 145 programs in that folder, possibly around 125-130 were set up this way.

      7. Tom Hawack said on January 15, 2018 at 6:00 pm
        Reply

        I’m reading both of your comments, Sophie and Clairvaux, and Sophie’s experience with ported installs from virtual to “classical” without the Registry keys a “classical” install would have produced (when it works : 125-130/145 is a nice score!) does mean that many Registry keys created by software installs are absolutely superfluous… but then, why do those installs produce those unnecessary keys?

      8. Sophie said on January 16, 2018 at 9:04 am
        Reply

        @Tom – I wondered about that too…..superfluous registry keys. So I wondered if maybe a lot of these applications still create keys when they are run. They must at least need to store some information somewhere….but the hope might be that everything is a little more controlled and minimal. You also avoid bloat, extra stuff being installed…..as its usually obvious which folders to pick off that constitute the main program.

        After copying a folder tree like that, I will usually uninstall the software, and see if it still runs from the copied tree. And then after that, I try it out back on the host pc, and hope for the best.

        Just one example of many……CCleaner – works perfectly, and the original installer never touched my Win-10.

      9. Sophie said on January 15, 2018 at 4:03 pm
        Reply

        Just had a look….and there are 145 “softwares” in my “Portable Apps” folder, and I would say that 95% of those are not portable apps! They all run perfectly, leaving a very stable system, as you know that very little changes have occurred to your system while doing it this way. All you need is a spare machine, or a Virtual Machine.

        Anyway….I digress.

  7. kalmly said on January 15, 2018 at 3:46 pm
    Reply

    I’ll pass. Running Win7 with no AV, relying on my good backups.

  8. John C. said on January 15, 2018 at 1:08 pm
    Reply

    I can verify that what Anonymous said about the program requiring Windows Management Framework version 5 or higher. I tried to run the program on my Windows 7 (I will NEVER, EVER own a computer with the forced update and privacy nightmare Windows 10 on it) and I got an error message saying the following: “Please install Windows Management Framework version 5 or higher and try again.” Like anonymous, installing more Microsoft (IMO) spyware isn’t in my future.

    1. Sophie said on January 15, 2018 at 3:49 pm
      Reply

      Agreed. Would never want this kind of closed-source MS possible-spyware…..for the simple chance to be able to run some software, that yields a result that is almost a fore-gone conclusion anyway.

      I delete it after it failed on Win7 in my VM ….and never even wanted to run it on my Win-10 host…..and that was after VirusTotal checking it. It did come up clean though.

  9. Clairvaux said on January 15, 2018 at 12:43 pm
    Reply

    Ashampoo is not the primary publisher I would trust for that. Maybe I’m prejudiced, but to me, they are more a marketing company putting so-so programs on the market with heavy-handed promotion tactics.

    1. michaelpaul said on January 15, 2018 at 9:03 pm
      Reply

      Right on found sane mind thanks !!

    2. Sophie said on January 15, 2018 at 3:53 pm
      Reply

      Yes, that’s my impression too. I think it always pays to be cautious, and not just run stuff that cannot stand up to scrutiny.

      Many an OS install around the world will have been compromised by some unforeseen side effect, from something that outwardly appeared a harmless and reasonable thing to run…….only that it wasn’t!

  10. wybo said on January 15, 2018 at 12:25 pm
    Reply

    The app gives me the massage: ‘ install Windows Framework Management version 5 or higher’. What is WFM please?.
    I am wary though of installing it as I’m sure it is partly MS spyware.
    I use W 8.1.

    Thanks

    1. Martin Brinkmann said on January 15, 2018 at 12:35 pm
      Reply

      Windows Management Framework adds or updates certain components, for instance, Windows PowerShell, Windows Remote Management or Software Inventory Logger. See https://www.microsoft.com/en-us/download/details.aspx?id=54616 for additional information.

      1. wybo said on January 15, 2018 at 2:57 pm
        Reply

        Ah. Thanks a bunch Martin.

  11. Norbert Gostischa said on January 15, 2018 at 11:39 am
    Reply

    This program also makes changes in the registry that prevent you from receiving the required updates from Microsoft.

    1. Sophie said on January 15, 2018 at 3:47 pm
      Reply

      Do you have a reliable source for info. like this? It just would not make sense, and would surely damage the reputation of Ashampoo…..though the [their] name is daft enough to have damaged them in my eyes already. (only joking!!) :)

    2. Tom Hawack said on January 15, 2018 at 12:25 pm
      Reply

      Is that so? Would be the ultimate confusion. You mean that a tool intended to check if a system is cpu-vulnerable would at the same time modify the Registry in order to prevent patches aimed at resolving these vulnerabilities? I don’t get it, this time I’d be totally de-satellited if you say right, if I understand you right.

      1. Norbert Gostischa said on January 15, 2018 at 1:58 pm
        Reply

        Unfortunately it’s so.
        Take a look here: https://forum.avast.com/index.php?topic=129271.msg1441036#msg1441036 then notice my followup post which shows the change that occurred after running the program and, the correction needed to reverse that change.

      2. Tom Hawack said on January 15, 2018 at 2:26 pm
        Reply

        OK, I’ve read the post and as I understand it the Ashampoo tool modifies Windows PowerShell’s ExecutionPolicy to “Bypass” while the standard setting should be “Undefined” or “Restricted”, but in what does this prevent the user “from receiving the required updates from Microsoft.” as you mention it above? Maybe is this obvious but as a non-techie I don’t understand the relation between the two (Powershell ExecutionPolicy and Windows Updates). If it’s too technical, obvious, please forget this comment.

  12. Sampei Nihira said on January 15, 2018 at 11:25 am
    Reply

    Ashampoo Spectre Meltdown CPU Checker change the Powershell Execution Policy.
    Set the Current User to bypass.
    To verify:

    Get-ExecutionPolicy -list

    The best is SpecuCheck.
    SpecuCheck not change the Powershell ExecutionPolicy.

  13. Sophie said on January 15, 2018 at 10:56 am
    Reply

    I got (Win7) ….”Error: Could not find the Powershell Executable”.

    Not tried it on Win10.

    A bit put off by what Anonymous said about MS management tool…..plus, I think we have to assume all/many/most are likely vulnerable anyway.

    I will do two things………..assume I am vulnerable………..and wait quite some time to see what (if any) remedial action I may take…..and not rush to install anything that is not truly worked out and tested.

    1. Tom Hawack said on January 15, 2018 at 12:20 pm
      Reply

      Same here (no, I’m not following you, Sophie! I just happen to agree with you quite often).
      Besides, I consider such a tool is pertinent for those who *have* installed Meltdown and Spectre patches since practically *all* processors on the market are vulnerable. In my case I know my processor *is* vulnerable because I’ve installed *no* Windows Update patches but *only* those inherent to a browser (Firefox 57.0.4) and my graphics driver (GeForce 390.65 Driver).

      Works in progress, those of vulnerabilities, those of patches. Confusingly in progress, so to say.

      1. Sophie said on January 15, 2018 at 12:54 pm
        Reply

        @Tom, yes….absolutely….in that this tool is pertinent really only for those that have installed patches, to see if their efforts have yielded a positive outcome. For the rest of us, there’s almost complete certainty that we are affected, so running that test seems fairly pointless.

        The problem is that this issue would appear to be a lot more complex than just a quick software patch, because of the nature of what has arisen, and the fact that this is essentially a low-level hardware issue – the effects of which are not really all that well addressed by software-patching alone (from what I understand).

        If Google are not in a rush to update Chrome…..it has been said that the problem is not viewed as “immediately” serious as some quarters of the media would have us believe. Also, nothing has been exploited so far in the wild.

        When you put all those things together, and then consider some of the Blue Screens and other issues people have had, it really makes sense to “watch this space” and do little for now. I think so anyway!

        I’ve heard little about three letter “agencies” here too….NSA, etc. I would have thought that they would be very keen to exploit this issue. Of course, they have encryption in their sights, and this would be a godsend. Don’t expect them to come forwards any time soon about how this exploit might be beneficial to them! :0-)

        Also, I choose not to use AV. Can anyone answer if Blue Screens might be almost inevitable if you have no AV? Reason being that if no AV….then =no prescribed Registry Key………possibly = Blue Screen?

        haha! I don’t think for a moment that you are following me, and I must admit too, that our views on things often seem to chime, and I like that.

      2. Cigologic said on January 15, 2018 at 4:17 pm
        Reply

        @ Sophie: Also, I choose not to use AV. Can anyone answer if Blue Screens might be almost inevitable if you have no AV? Reason being that if no AV….then =no prescribed Registry Key………possibly = Blue Screen?

        It is not the absence/presence of the compliant registry key per se that causes/ prevents BSOD. The BSOD that may result after installing Microsoft’s Meltdown kernel patch has 2 known causes, namely:-

        CAUSE 1: An incompatible installed antivirus program that makes unsupported kernel calls

        — Microsoft is relying on 3rd-party antivirus vendors to create a compatible program update (that doesn’t make unsupported kernel calls) AND set the compliant registry key. The only purpose of this registry key is to signal to Windows Update that the current version of the antivirus program is safe, thus allowing Windows Update to go ahead & offer the Meltdown patch.

        — As such, if your system lacks a 3rd-party installed antivirus program, there is no antivirus to make unsupported kernel calls that can cause BSOD. Likewise, your system will also lack the compliant registry key, so the Meltdown patch will not show up when you run Windows Update. If you wish for Windows Update to offer the Meltdown patch, you can manually create the registry key yourself.

        — Alternatively, you can bypass Windows Update, download the Meltdown patch from Microsoft’s Update Catalog & install it manually. This is possible because the absence of the compliant registry key does NOT prevent the patch from being installed.

        CAUSE 2: An older CPU model incompatible with MS’s Meltdown patch

        — To date, users of older AMD & Intel CPUs released in 2008, 2009, 2010 & possibly later have reported BSODs after installing the Meltdown patch.

        — For users with older CPUs, there is a possibility that installing the Meltdown patch may nevertheless result in BSOD, even when the system lacks an installed antivirus program, or when the system has a compatible antivirus & the compliant registry key.

      3. Tom Hawack said on January 15, 2018 at 1:11 pm
        Reply

        > “Also, I choose not to use AV. Can anyone answer if Blue Screens might be almost inevitable if you have no AV? Reason being that if no AV….then =no prescribed Registry Key………possibly = Blue Screen?”

        I’ve been wondering about that as well My guess is that the Registry key is tied to a running AV considering it’s been said that the key was required only for non-updated AV definitions, which could mean that no AV means no Registry change. That’s how I see it. Nevertheless should I have opted for installing Microsoft’s patches that I would have created the registry key considering either it’s useless and won’t harm either it would prevent (possibly) a “Blue screen” …

        Would be nice to have this further detailed by users who have a correlated experience.

      4. Sophie said on January 15, 2018 at 3:45 pm
        Reply

        Yes, just creating that key regardless would be the answer. Nice to have some clarification, and surprised that little seems to be said about that. It might be that the assumption is that almost all are using some form of AV, hence the emphasis has been on creating lists of compliance or lack of compliance to certain standards.

  14. ilev said on January 15, 2018 at 9:54 am
    Reply

    Ashampoo should add a test for the “new” (known since 7/2017) Intel AMT (Active Management Technology) security hole.

    Imagine someone having the capability to remotely access and operate your laptop at their whim, without you being able to do anything about it. Pretty scary thought, right? Luckily this couldn’t really happen – magic hacker tricks capable of bypassing strong passwords, firewalls and anti-malware software only exist in the movies.

    “The attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individual’s work laptop, despite even the most extensive security measures,” ..

    The issue allows a local intruder to backdoor almost any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place. ..

    https://business.f-secure.com/intel-amt-security-issue

  15. Anonymous said on January 15, 2018 at 8:53 am
    Reply

    Thanks for the info. However the application displays the result only if you have the Windows Management Framework version 5.1 installed. Not in my intention to install any kind of Microsoft management tool however.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.