New Intel CPU Security Flaw Fix Could Cause Up To 30% Performance Hit

A new security flaw within Intel CPU’s, some as old as 10 years old, has been found. The flaw affects all operating systems, including Linux, MacOS, and Windows. A fix for the flaw has been in the works for Windows since November. Current updates look to impose a 5-30% performance hit on the processors. AMD processors do not have this flaw. Incidentally, AMD stocks are rising while Intel is dropping.

As for the details of the flaw? I’ll let the experts explain it, as they can do a much better job.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we’re looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.

Update: Intel has put out a press release, mentioning that it may not be limited to just Intel CPU’s and may include AMD and ARM CPU’s as well. Still no confirmation on the impact with the other vendors or how vulnerable they are, but according to Intel it may be an issue.

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

Update 2: There seems to be some confusion between multiple processor flaws that have recently been released. This site has a lot more information on both of them.

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Update 3: AMD has released a statement showing that their CPU’s are not vulnerable to the Intel CPU flaw.

To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD’s architecture, we believe there is a near zero risk to AMD processors at this time.

Update 4: Microsoft has released an out-of-band patch for Windows 10 in KB4056892. Should come through in automatic updates.

January 2018 Security Updates

Release Date: January 03, 2018

The January security release consists of security updates for the following software:

  • Internet Explorer

  • Microsoft Edge

  • Microsoft Windows

Read More

Microsoft Professional Program Now Includes IT Support

Posted on

For those starting out in the IT Support field, which includes Help Desk and Technical Support, the Microsoft Professional Program has a new self-learning trackIT Support. The Microsoft Professional Program has several other tracks for interested IT Professionals that may be of interest. It is a self learning curriculum that doesn’t include any formal certifications, but it is a great learning opportunity.

The full track is pretty intensive, including 14 required courses each taking from 8-16 hours. The skills learned include communication, hardware and networking essentials, Windows installation, configuration, maintenance, and more.

This is the first MPP track aimed entirely at beginners, and provides job-ready skills for anyone looking to enter IT Support. This is a great way to enter the IT field, which has an estimated need of 400,000 jobs worldwide. The only requirements before beginning this track is some familiarity with computers and the ability to access the online courses, making it ideal for someone who wants an entry-level position in IT Support but may not have the necessary skills.

Read More

Make File Explorer Open “This PC” and not “Quick Access”

 

One of my annoyances with Windows 10 is that when you open File Explorer, you are greeted with the “Quick Access” options, which for me is not really quick access. I find it faster and easier to go straight to “This PC”. Here is how you can switch the default behavior within File Explorer.

 

 

1. Open File Explorer. Click on Options > Change folder and search options:

 

 

2. On the ‘Open File Explorer to’ dropdown box, change the default from Quick Access to This PC.

 

 

3. Click OK, then test it by opening File Explorer from the quick start buttons on the task bar. It should open to This PC!

 

Read More

Farewell Groove Music, Hello Spotify

Posted on

It should come as no surprise to anyone as there has been a bit of notice, January 1st marked the date where Groove Music was finally discontinued. For those that were subscribers, you should have already gotten a pro-rated refund. The Groove Music App will still be maintained, which is good news. It is a great Windows app for listening to music.

For anyone looking for an alternative service, Microsoft has partnered with Spotify, which is a great service as well.

For more information on the loss of Groove Music, take a look at Microsoft’s FAQ for the discontinuation of the service.

On January 1, 2018, the Groove Music Pass streaming service was discontinued. If your Pass subscription went beyond December 31, 2017, we will give you (or already gave you) a prorated refund or a Microsoft gift card (see timing details below). We’ll continue to update the Groove Music app so you can play and manage the music you’ve purchased and downloaded to your PC or uploaded to OneDrive or another cloud storage service, but the app will no longer stream or play Groove Music Pass content.

Read More

Windows Insider Fast Build 17063 Released

A lot of new features in the latest build that was just released, build 17063. Make sure to check out the known issues before updating, as a few popular games (notably League of Legends) can cause a Green Screen of Death.

New features include Timeline, Sets, Fluent Design elements throughout. Check it out!

Known issues

  • Popular Tencent games like League of Legends and NBA2k Online may cause 64-bit PCs to bugcheck (GSOD).
  • [DEVELOPERS] Deploying an x86 app to a x64 PC remotely result in “FileNotFound” deployment failures if the target PC is running Build 17040. Deploying an x64 app to a x64 PC remotely or a x86 app to a x86 PC will work fine.
  • Microsoft Edge may not receive Push Notifications from websites in this flight, due to an issue saving permissions on a per-site basis. We expect this issue to be resolved in the next preview build.
  • Launching an immersive 360 degree video from the Movies and TV app within Windows Mixed Reality will result in the video facing the wrong way. Subsequent launches of 360 degree videos will work correctly.
  • When users try to create a Microsoft Edge InPrivate window from inside a Mixed Reality headset, a regular window will get created instead. Users won’t be able to use InPrivate inside Mixed Reality in this build. InPrivate on desktop is not affected.
  • We’re preparing for the inclusion of OpenSSH Server as a deployment mechanism in Developer Mode. However the UI code got checked in ahead of the components, and so while there is a “Use OpenSSH (Beta) for remote deployment” switch in the UI under Settings, it won’t work, and turning it on will break remote deployment to that device until the switch is turned off.
  • If you’re using any EUDC fonts Microsoft Edge, Cortana, and other apps that use a webview won’t launch. You can resolve this issue by deleting the HKCU\EUDC key in Registry Editor. Note, if you do this, you won’t be able to see EUDC characters. We recommend you export this regkey before deleting it, so it’s easy to reapply the key in a future flight once the issue has been fixed.
  • After upgrading to this build you may find touch and pen to not work on the non-primary display. Related to this, mouse, touch, and pen input might not happen in the right place after an orientation change or if you’re using a non-native aspect ratio. We’re working on a fix.
Read More

New Insiders Build for Fast Ring: 17046

The latest build, build 17046, is now available to Fast Ring Insiders for Windows 10. As always, check the release notes to make sure there isn’t something in there that will directly affect you and stop you from using a feature that you count on!

General changes, improvements, and fixes for PC

  • We’ve added settings that let you view and manage your activity history, which Cortana uses to let you pick up where you left off. Find these settings in Settings > Privacy > Activity history.
  • We fixed an issue where the Properties dialog for This PC in File Explorer wasn’t working in the last two builds.
  • We fixed an issue resulting in Insiders with certain third party antiviruses and OneDrive Files on Demand enabled seeing an error in recent builds citing “OneDrive cannot connect to Windows”.
  • We fixed an issue that could result in delays during logoff and shutdown when a UWP app was open and in suspended state.
  • We fixed a community reported issue where display colors became distorted after upgrading on some TV’s and monitors that incorrectly advertised support for 10/12 bit wire formats.
  • We fixed an issue from the previous flight that could cause heavily-threaded DirectX 12 apps to crash on launch after the first launch.
  • We’ve adjusted the application of acrylic in the touch keyboard to better align with the fluent design standards.
  • We fixed an issue where keys might remain highlighted when typing on the wide touch keyboard layout.
  • We fixed an issue where keys might be dropped when typing with the Chinese (Simplified) touch keyboard.
  • We fixed an issue where when writing a long sentence in the handwriting panel it might scroll while your pen was writing, resulting in an ink stroke across the panel.
  • We fixed an issue resulting in the hardware keyboard text suggestions potentially not working until the touch keyboard had been launched once.
  • We fixed an issue resulting in the mouse noticeably flickering between + and the mouse pointer icon when moving across cells in Excel 2016.
  • We fixed an issue resulting in some Insiders seeing their Start menu layout being reset after upgrading to the previous flight.
  • We fixed an issue resulting in miniview windows (for example in Movies & TV or Skype) flying offscreen when attempting to be resized in the last few flights.
  • We fixed an issue where clicking search results for settings in Settings in the last few flights would always take you to the top level category in the last few flights, rather than the actual category you searched for (for example, Display Settings instead of Storage Settings).

Known issues

  • If you are experiencing broken functionality in Mail, Cortana, Narrator or missing some features like Windows Media Player, please see this Feedback Hub post: https://aka.ms/Rsrjqn. While this issue has been addressed, if you ever upgraded from 16299.xx to 16299.15 (and then to newer builds) you may still need to take the steps to get your PC back into a good state.
  • Popular Tencent games like League of Legends and NBA2k Online may cause 64-bit PCs to bugcheck (GSOD).
  • VPNs which use custom pop-up windows during connection attempts may fail to connect with error 720.
  • Due to a bug that was introduced on this build, you may not receive all of your notifications from Cortana. Reminders are unaffected by this bug, but you may not receive other Cortana notifications that you are expecting. The fix for this should be in the next flight.
  • [DEVELOPERS] Deploying an x86 app to a x64 PC remotely result in “FileNotFound” deployment failures if the target PC is running Build 17040. Deploying an x64 app to a x64 PC remotely or a x86 app to a x86 PC will work fine.
  • All types of dynamic volumes listed here will not mount properly or be accessible from Windows. The data remains intact on the volume, it is just not accessible from this OS build. If you need access to the data you can roll back to an earlier build.  A fix for this issue will be released in the next build.
  • After upgrading to build 17035 or later you may lose certain dictionary files, resulting in not being able to input Japanese or Traditional Chinese via IME, Touch Keyboard, or Handwriting if you are using a non-Japanese or non-Traditional Chinese language-based OS (like an English-based OS). We are working to fix it. In the meantime, this should help to get you unblocked:

1. Go to Start > Settings > Time & Language > Region & language.

2. Under Language, select your language (e.g. “Japanese”).

3. Click [Option] and if the [Download] button is available for “Basic typing” under the Language options, please click it to start download.

4. Once the dictionary files have been downloaded, you can check the status of the necessary optional feature in Settings > Apps > “Apps & features” > “Manage optional features”. The name will be something like “Japanese typing” or “Chinese (Taiwan) typing”.

Read More

Updates for Microsoft Certification Beta Exams

For those out there that are Microsoft Certified Professionals and have taken beta tests in the past, there is an update to the beta program. Due to a lot of no-shows when it comes to the beta exams, Microsoft will be giving an 80% discount on the beta exams instead of 100%. You also get a 20% discount when you show up – pass or fail. If you’re planning another certification in the next year, it can make the beta exam essentially free.

As many of you know, seats for many of our beta exams fill rapidly, which, in theory, should be a good thing. Quick registration means high levels of interest, which should translate into having a sufficient enough of candidates taking our exams quickly enough that we can perform the required psychometric analysis to identify the good items and remove the bad items in a few weeks.

However, we are seeing an increasing number of no shows. Unfortunately, these seats are “lost,” meaning that they took a seat from someone who would have showed up but couldn’t participate in the beta because all the seats were taken when s/he tried to register, often requiring us to extend betas. As a result, every no show delays our ability to gather the necessary data to move the exam out of beta and delays the scoring of the beta exam for those who DID show up—because we need several hundred completed exams before we can start scoring.

Read More

Windows 10 Insider Build 17040 Released

The Fast Ring of the Windows Insider program has just received a new build, build 17040. As always, be sure to check the change notes for the known issues in case there is a show stopper for you.

General changes, improvements, and fixes for PC

  • We’ve added settings that let you view and manage your activity history, which Cortana uses to let you pick up where you left off. Find these settings in Settings > Privacy > Activity history.
  • We fixed an issue where network profiles might change from Private to Public after upgrading to the previous build.
  • We fixed an issue resulting in checkboxes being missing from certain win32 apps.
  • We fixed a typo in the Windows Defender Security Center’s Controlled Folder Settings.
  • We fixed an issue resulting not being able to fully remove Windows.old in the last two flights.
  • We fixed an issue resulting in Narrator not saying anything when the candidate bar for hardware keyboard prediction opened. We also fixed an issue where Narrator wasn’t reading the word candidate when the focus moved into candidate bar.
  • We fixed an issue where the “Working on updates” screen was black with a small theme colored box instead of entirely theme colored.
  • We fixed an issue resulting in some Insiders experiencing a green screen on the previous flight with the error BAD_POOL_CALLER.
  • We fixed an issue resulting in UWP app sometimes leaving drop shadow leftovers after closing the window.
  • We fixed an issue where inactive window scrolling wouldn’t work if Excel 2016 was in focus.
  • We fixed an issue resulting in a noticeable flicker when using hotkeys or a precision touchpad to switch between virtual desktops.
  • We fixed an issue where the XAML Reveal light wouldn’t follow your mouse until the first mouse click – instead showing the entire element lit. This issue was visible in Settings and other XAML based UI in the last few builds.
  • We fixed an issue resulting in changes to Feedback Frequency in Feedback & Diagnostics Settings not persisting after leaving the page and returning.
  • We fixed an issue where Start wouldn’t open if you pressed the Windows key when the system menu from elevated Command Prompt or Task Manager window was open.
  • We fixed a rare issue where if you had certain streaming-capable apps on your PC before upgrading you might end up seeing a black screen with only a cursor for some time after logging in.
  • We fixed an issue from recent flights where the “Add” button in the PIN section of Sign-in Option Settings didn’t work for local accounts.
  • We’ve updated the icon for Collections in Cortana.
  • We’ve updated the touch keyboard so that the margin between each key is visual only. This change will be noticeable if you accidentally overshoot the key press by just a tiny bit – before it might seem as if key presses were being dropped in this scenario.
  • Based on your feedback, the feature to restore applications that have registered for application restart after you reboot or shutdown (through power options available on the Start Menu and various other locations) has been set to only occur for users that have enabled “Use my sign-in info to automatically finish setting my device after an update or restart” in the Privacy section under Sign-in Options Settings.

Known issues

  • If you are experiencing broken functionality in Mail, Cortana, Narrator or missing some features like Windows Media Player, please see this Feedback Hub post: https://aka.ms/Rsrjqn.
  • Popular Tencent games like League of Legends and NBA2k Online may cause 64-bit PCs to bugcheck (GSOD).
  • VPNs which use custom pop-up windows during connection attempts may fail to connect with error 720.
  • Due to a bug that was introduced on the previeous build, you may not receive all of your notifications from Cortana. Reminders are unaffected by this bug, but you may not receive other Cortana notifications that you are expecting. We are working to resolve this issue and will release the fix in an upcoming flight.
  • The Properties dialog for This PC in File Explorer isn’t working and can’t be invoked from the context menu.
  • Insiders with certain third party antiviruses and OneDrive Files on Demand enabled may see an error citing “OneDrive cannot connect to Windows”.
Read More

Microsoft Has Stopped Manufacturing The Kinect

The Kinect for the Xbox hasn’t been that successful. The most use I get out of it has been “Xbox, Pause”. It has potential, but it just didn’t have much support. Even then, it wasn’t the best support. Microsoft has stopped the production of the device, giving it’s last nail in the coffin.

It wasn’t a bad device by any measure. It just didn’t have the games or applications to make it a hit.

The Kinect had already been slowly de-emphasized by Microsoft, as the Xbox team anchored back around traditional gaming to counter the PS4, rather than take its more experimental approach to entertainment. Yet while the Kinect as a standalone product is off the market, its core sensor lives on. Kinect v4–and soon to be, v5–powers Microsoft’s augmented reality Hololens, which Kipman also created. Meanwhile, Kinect’s team of specialists have gone on to build essential Microsoft technologies, including the Cortana voice assistant, the Windows Hello biometric facial ID system, and a context-aware user interface for the future that Microsoft dubs Gaze, Gesture, and Voice (GGV).

Read More

Build 17025 Available for Fast Ring Insiders for Windows 10

Those in the Fast Ring are now able to update to 17017. Not a whole lot of new features, numerous fixes. As usual – check the known issues to see if there is a show stopper for you!

Known issues

  • If you are experiencing broken functionality in Mail, Cortana, Narrator or missing some features like Windows Media Player, please see this Feedback Hub post: https://aka.ms/Rsrjqn.
  • Using a swipe gesture with touch to dismiss notifications from the Action Center is currently not working. We’re investigating – for now you’ll need to use the clear all button, or use mouse/keyboard.
  • There’s a noticeable screen flicker when using hotkeys or the touchpad to switch between Virtual Desktops.
  • Invoking the Game bar with Win + G may cause the mouse cursor to become unresponsive while Game bar is up. Keyboard navigation still works and pressing Win + G again will close the Game bar, restoring the mouse cursor to the game.
  • Calendar toast dismiss and snooze icons may be missing from notifications in Action Center.
Read More