New InSpectre release reveals if microcode updates are available - gHacks Tech News

New InSpectre release reveals if microcode updates are available

We reviewed the InSpectre application by Gibson Research when it first came out in January 2018.

The program checked whether Meltdown or Spectre patches were installed on the Windows machine and gave an estimate on the performance impact those patched had on the system.

Microsoft released a security update for Windows in January to address some of the issues associated with the vulnerabilities. The company published instructions on finding out if Windows PCs were affected by Spectre or Meltdown; soon thereafter, third-party programs such as Ashampoo Spectre Meltdown CPU Checker or InSpectre were released to make this even easier for users and system administrators.

InSpectre Release #8

spectre meltdown vulnerability check

Gibson Research released several InSpectre updates that improved the application's functionality. Release 7 listed information about the CPUID, and yesterday's new release, Release 8, shows to you whether a microcode update is available or not.

Intel revealed recently that it won't publish microcode updates for processors that the company has not patched already. The company published a PDF document entitled "Microcode revision guidance" which reveals processors with and without microcode updates.

Gibson's program uses the list to highlight whether microcode updates are available for the device's CPU.

Usage is still very simple: download the latest version of the application from the official project website and run it after the download. InSpectre is a portable application that does not need to be installed. You can run it from any location, or put it on a USB Flash Drive to run it on any device you connect the Flash Drive to.

The program displays the vulnerability status of the system on start. It shows whether the system is protected against Meltdown or Spectre attacks, and the performance impact.

"Microcode Update Available"  highlights whether Intel released microcode updates for the processor.

Microsoft released an update for Windows 10 version 1709 that includes the microcode update for patched processors.

KB4090007 lists available products and CPUIDs. Windows users can download the update for Windows 10 version 1709 from the Microsoft Update Catalog website to protect against Spectre Variant 2 attacks.

The update is listed as critical but it has not been distributed via Windows Update or other automatic update services yet.

Closing Words

InSpectre offers one of the easiest ways to find out if a Windows system is fully patched against Spectre or Meltdown vulnerability attacks. The new version shows whether Intel released an microcode update for the process which should make things easier as well.

Now You: How is your system's protection status?

 

 

 

Summary
software image
Author Rating
1star1star1star1star1star
5 based on 7 votes
Software Name
InSpectre
Operating System
Windows
Software Category
Security
Landing Page




  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Nico said on April 12, 2018 at 1:55 pm
      Reply

      My main desktop (Skylake) is fully patched since a few days, but I also have some older desktops both here at home, at my father’s place and my in-laws where I’m still waiting for Asus and MSI to release new BIOS updates.
      Unfortunately MSI support already told me they won’t release an update for their Sandy Bridge and Clarkdale boards, although Intel has released microcodes for them.
      Don’t know about Asus yet about their Haswell, Ivy Bridge and Lynnfield boards, and a Bay Trail 2-in-1. For these Intel also released new microcodes.
      Only my Core2Duo E6600 will remain vulnerable, but it’s only very rarely used as an HTPC in the bedroom…

      1. Nico said on April 13, 2018 at 12:11 pm
        Reply

        In the meantime Asus tech support replied. It wasn’t a stone cold ‘no’ like MSI tech support gave, but I could read between the lines it’s unlikely they’ll still release BIOS updates for older motherboards.
        He did add Microsoft will try to solve it with an update. I don’t know where he got that info, but it’s indeed possible MS releases something similar to KB409007 for older CPU architectures.

        In the meantime I’m going to check that VMware tool I mentioned a little lower.

        1. nnjxska0 said on April 13, 2018 at 9:52 pm
          Reply

          How is it? Does that VMware tool works with microcode updates?

          Windows 7 / Sandy Bridge here with no BIOS update for my motherboard although microcode update for this specific CPU is available.

          At some point maybe Microsoft will release something like KB409007 for Sandy Bridge but I doubt it’s gonna be for Windows less than 10.

        2. Nico said on April 14, 2018 at 11:08 am
          Reply

          see https://labs.vmware.com/flings/vmware-cpu-microcode-update-driver for instructions.
          I’ve tried it yesterday on a Lynnfield desktop (i5-750). First it gave a positive answer, but after another reboot the tool started saying the microcode wasn’t required. I’ve uninstalled the driver again and will retry when I have some time to play around with it again.

        3. Nico said on April 15, 2018 at 1:26 pm
          Reply

          So far I have negative results using the VMware tool.
          I’ve tried it on my Lynnfield, Clarkdale and Ivy Bridge desktops in combination with the 20180312 Intel microcode.dat. On the first 2 the tool reported a new microcode wasn’t required, and on the latter cpumcupdate reported a newer microcode had been loaded (confirmed by HWiNFO). Then again, running InSpectre and the MS PowerShell check, the Ivy Bridge system still reported to be vulnerable to Spectre.
          I assume the 20180312 microcodes do not contain the bugfix for Spectre yet, and we’ll have to wait till a next update on the Intel download center.

        4. wmguy said on April 14, 2018 at 1:13 am
          Reply

          That VMware tool works, thanks for mentioning it!

      2. spectre said on April 14, 2018 at 4:56 pm
        Reply
    2. Pete12 said on April 12, 2018 at 3:02 pm
      Reply

      Strange, this tool shows my CPUID=306C3 and a Spectre-fix should be available !
      But I can not find it in the KB4090007-list , in fact ; can not find it at all ………..!!

      So, how reliable is this tool anyway ??
      btw; why is ASUS terrible late with BIOS-updates , Im still using BIOS-version 2902 from 2016 !!

      1. Martin Brinkmann said on April 12, 2018 at 3:20 pm
        Reply

        The KB is only for Windows 10 version 1709.

        1. Pete12 said on April 12, 2018 at 5:26 pm
          Reply

          1709 is my rig !
          After installing the tool still showing Not protected against Spectre ………….!!

      2. Nico said on April 12, 2018 at 8:58 pm
        Reply

        The fix is available means: Intel has released a microcode update for it. But it’s still up to the motherboard vendor to release a new BIOS update for your board.
        After I had contacted MSI yesterday (got a negative response) I’ve also contacted Asus this evening. Hoping for a positive answer from them…

        KB409007 is only for Skylake/Kabylake/Coffeelake CPU architectures. It’s useful if the motherboard vendor fails to release a BIOS update, or if the end-user isn’t ‘smart’ enough to actually update the BIOS.
        Maybe MS will release similar updates for older CPUs somewhere down the road.

        As a last resort there’s a VMware tool to inject microcode during Windows boot:
        https://labs.vmware.com/flings/vmware-cpu-microcode-update-driver
        Of course, you also have to get the microcode from the Intel website somehow. I haven’t fully explored that path yet. I’m waiting until I get an answer from Asus.

    3. Yuliya said on April 12, 2018 at 3:17 pm
      Reply

      Spectre & Meltdown Vulnerability Status

      System is Meltdown protected: NO!
      System is Spectre protected: NO!
      Microcode Update Available: YES
      Performance: GOOD
      CPUID: 406F1

      I enjoy having a working system.

      1. pHROZEN gHOST said on April 12, 2018 at 5:06 pm
        Reply

        I love your honesty (and humor) Yulia.

        Any patch could very well make things worse than they are now. We ALL know this.

      2. tux said on April 12, 2018 at 5:12 pm
        Reply

        enjoy your exploits

        1. pHROZEN gHOST said on April 12, 2018 at 5:43 pm
          Reply

          @tux, are you one of the exploiters?

        2. tux said on April 12, 2018 at 7:44 pm
          Reply

          no

      3. Dave Bush said on April 12, 2018 at 6:00 pm
        Reply

        +1, not falling for scare tactics.
        Updates causes more problems then cures.

      4. ilev said on April 12, 2018 at 6:04 pm
        Reply

        +1. Same as mine. Windows 7 updates blocked for 3 years now. i5-2410M CPU Sandy Bridge.

        1. tux said on April 12, 2018 at 7:45 pm
          Reply

          >it’s as if he likes being insecure

        2. John Fenderson said on April 13, 2018 at 1:42 am
          Reply

          We don’t know if he’s insecure or not. He’s just not patched against those exploits. There are other ways of covering that security hole.

    4. mj said on April 12, 2018 at 3:18 pm
      Reply

      System is Meltdown protected: YES
      System is Spectre protected: NO!
      Microcode Update Available: YES
      Performance: GOOD
      CPUID: 306C3

      It says µcode is available, but frankly I can’t find it anywhere.
      My motherboard is MSI Z97-GAMING-5, so I’m hoping MSI ever get around to fixing it.

      1. Pete12 said on April 12, 2018 at 5:27 pm
        Reply

        Yes, same here !!
        Z97ASUS same CPUID …….

    5. mj said on April 12, 2018 at 3:20 pm
      Reply

      System is Meltdown protected: YES
      System is Spectre protected: NO!
      Microcode Update Available: YES
      Performance: GOOD
      CPUID: 306C3

      It says µcode is available, but frankly I can’t find it anywhere.

      My motherboard is MSI Z97-GAMING-5, so I’m hoping MSI ever get around to fixing a bios for haswell.

    6. chesscanoe said on April 12, 2018 at 3:31 pm
      Reply

      I installed KB4099007 for 396D4 (production 0x2A). After a restart and running Steve Gibson’s Inspectre Version 8 again, it says my laptop failed for Spectre but it now shows my chip is 306D4. Checking KB40909007 for that last 306D4 points to production 0x2A again. Re-downloading KB4099007 and trying to install it again gives message it is already installed.

      1. chesscanoe said on April 12, 2018 at 4:41 pm
        Reply

        Windows Update on Windows 10 x64 Home says KB4099007 is successfully installed. (Addendum to my previous post)

        1. chesscanoe said on April 13, 2018 at 4:09 pm
          Reply

          Asus support told me today they are working on a BIOS update for my netbook which may be available in a few weeks, Additionally, Microsoft is working on a total solution with no projected completion date made public.

      2. andy said on April 15, 2018 at 1:22 pm
        Reply

        I have the same issue installing the update caused a massive slowdown and inspectre still says I’m unpatched!!

    7. Max said on April 12, 2018 at 4:01 pm
      Reply

      All are protected here with Haswell and Z97. Thanks to ASrock.

      Asus, Gigabyte, MSI – never again.

      1. A different Martin said on April 16, 2018 at 5:31 pm
        Reply

        Thanks for posting this, Max! I’ve got a friend with an ASRock Z97 Extreme4, and the last time I checked for him, the Spectre-patched BIOS hadn’t yet been released. (I think I must have checked just a few days earlier.) Have you noticed any new problems or quirks? Any minor non-Spectre bugs in the old BIOS that have been fixed?

    8. Richard Allen said on April 12, 2018 at 4:15 pm
      Reply

      “How is your system’s protection status?” Much better NOW!

      On my desktop (Haswell Win7 Pro) I recently Uninstalled the January and February Security-Only Windows patches, I had not updated past Feb., and I have never installed any microcode. I had been doing the Security-Only updates since 2016.

      I decided to hold off on the patches to fix the problems caused by the Jan-Feb patches. January introduced the “Total Meltdown” bug that now requires a patch. The March update created a bug where “Network Interface Card settings can be replaced, or static IP address settings can be lost” and then there are possible issues with SMB memory leaks. And then… even if you don’t use Internet Explorer it’s best to keep it updated but the IE11 March update was replaced with another parch that fixes IE11 doesn’t start after installing the first IE11 patch from earlier in the month. WTF?

      All of the interns from the local pre-school that Redmond is using to work on the Windows 7 Updates should be doing something else, maybe designing a new Zune?

      Thank You Mr. Gibson, I’ll be using the app in the future, I hope, once all of the manure dust settles. Anyway, there are no known exploits for Meltdown or Spectre, never have been.

    9. George said on April 12, 2018 at 4:17 pm
      Reply

      Thanks Intel:

      System is Meltdown protected: YES
      System is Spectre protected: NO!
      Microcode Update Available: NO!
      Performance: SLOWER
      CPUID: 1067A

      The Intel microcode updates required to allow this operating system to protect its user against the most severe Spectre attacks, and/or to minimize their impact upon the system’s performance, are not — and Intel has stated — will never be made available for this system’s processor. (Protection from the Meltdown vulnerability does not require BIOS or processor updates.)

    10. Tom Hawack said on April 12, 2018 at 4:30 pm
      Reply

      Spectre & Meltdown Vulnerability Status

      System is Meltdown protected: NO!
      System is Spectre protected: NO!
      Microcode Update Available: YES
      Performance: GOOD
      CPUID: 206A7

      I’m so frightened, terrible, it’s giving me nightmares, I’ve been told that I yell while sleeping “Meltdown, no! Spectre, no no no please, I beg you on my knees…”. Huuuge.

    11. chesscanoe said on April 12, 2018 at 4:42 pm
      Reply

      Windows Update on Windows 10 x64 Home says KB4099007 is successfully installed. (Addendum to my previous post)

    12. P said on April 12, 2018 at 4:55 pm
      Reply

      Bah! They screwed up the name, should have been Spectre Checker.

      1. tux said on April 12, 2018 at 5:13 pm
        Reply

        by they you mean 1 guy, steve gibson

    13. blobl said on April 12, 2018 at 5:12 pm
      Reply

      System is Meltdown protected: YES
      System is Spectre protected: YES
      Microcode Update Available: YES
      Performance: SLOWER
      CPUID: 206A7

    14. n00b said on April 12, 2018 at 5:14 pm
      Reply

      Don’t use windows…

      1. Nico said on April 12, 2018 at 9:04 pm
        Reply

        Spectre & Meltdown have nothing to do with Windows, you know…
        It’s a bug in the CPU architecture. It’s mitigated through a combination of OS patches (also on Linux) and a microcode (BIOS) update.

    15. XenoSilvano said on April 12, 2018 at 6:03 pm
      Reply

      ha ha, I am in the clear #######! 😋

    16. pHROZEN gHOST said on April 12, 2018 at 6:27 pm
      Reply

      The latest version of the tool says I can run it in administrator mode and then use the buttons at the bottom. I am on the administrator account. This DOES NOT WORK … even if I right-click and run as administrator. Methinks more versions are ahead.

      Like others have found, this tool tells me there is a microcode update.However, Lenovo has another opinion on that …

      Lenovo is aware of the vulnerabilities in certain processors exploited by side channel analysis attacks (also known as “Meltdown” and “Spectre”). We have been working with processor and operating system partners to incorporate fixes as we receive them. Please visit Lenovo’s Security Advisory page for the latest information. This site will be updated frequently as new information becomes available.

      Needless to say, they have nothing available for my intel xeon processor.

      BTW, for those so eager to find a fix ASAP, be aware that there may be some phony fixes out there that leave you high and dry.

      What ain’t broke needs no fix.

    17. Andy said on April 12, 2018 at 7:55 pm
      Reply

      System is Meltdown protected: YES
      System is Spectre protected: NO!
      Microcode Update Available: YES
      Performance: GOOD
      CPUID: 306D4

      I installed the update and my CPUID changed to the one above but im still vulnerable!

      1. chesscanoe said on April 12, 2018 at 9:06 pm
        Reply

        I have the same result as you. Windows Update History says KB4099007 is successfully installed.

    18. Stefan said on April 13, 2018 at 12:03 am
      Reply

      Haven’t updated my Windows 7 x64 since August 2016. It runs smoothly and works as it should. Has secured it other ways.

      A friend of mine has updated his 7 x64 and he has so many bugs/problems with it….

      These Quality Rollups are a joke…as Microsoft !

      How can a patch protect against a hardware architecture that are vulnerable ? I don’t believe in what is said, at least not when it comes to “Spectre”. To me it sounds like propaganda.

    19. OldNavyGuy said on April 13, 2018 at 1:40 am
      Reply

      In my case, CPUID 306C3 is in production, but Toshiba has yet to confirm a release date.

    20. Ray said on April 13, 2018 at 4:24 am
      Reply

      Great! The InSpectre app detected that my Skylake laptop had a microcode update available and Windows 10 offered an update that I had to manually install.

      I also have an Ivy Bridge desktop, but Windows 10 doesn’t have an update for it so I’m at the mercy of my manufacturer for a BIOS update. Not likely going to get one at this rate.

    21. Anonymous said on April 13, 2018 at 5:47 pm
      Reply

      Performance: GOOD

    Leave a Reply