Windows 10 News and info | Forum
August 20, 2019, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Windows 10 Spectre 2 Mitigation Now Uses Retpoline By Default  (Read 46 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 30354


I Do Windows


WWW Email
« on: May 15, 2019, 11:49:31 AM »
ReplyReply

If you currently have mitigations enabled for the Spectre Variant 2 (CVE-2017-5715) vulnerability, Microsoft has now enabled the Retpoline Spectre mitigation feature by default in Windows 10 version 1809 (October 2018 Update) for better performance.

When Microsoft released mitigations for the Spectre vulnerabilities they caused a performance hit on older computers. To provide a better solution, Microsoft had been testing new mitigation called Retpoline in Windows 10 Insider builds that would protect the computer but without the negative side effect of decreased performance.

In March we reported that Microsoft had ported the Retpoline feature to Windows 10 version 1809, but it was not enabled by default. Instead, users had to manually enable Retpoline in order to take advantage of this new feature.

Microsoft announced today that if you currently have mitigations enabled for the Spectre Variant 2 (CVE-2017-5715) vulnerability, Retpoline will be enabled by default under the following conditions:

Spectre, Variant 2 (CVE-2017-5715) mitigation is enabled.

   ○ For Client SKUs, Spectre Variant 2 mitigation is enabled by default

   ○ For Server SKUs, Spectre Variant 2 mitigation is disabled by default. To realize the benefits of
      Retpoline, IT Admins can enable it on servers following this guidance.

Quote
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True  

Windows OS support for branch target injection mitigation is present: True

Windows OS support for branch target injection mitigation is enabled: True

BTIKernelRetpolineEnabled                : True

BTIKernelImportOptimizationEnabled  : True

Supported microcode/firmware updates are applied to the machine.


For those who did not enable these mitigations because you were concerned about the performance hit, you can now enable them by following the instructions in this Microsoft support article.

In related news, new MDS speculative execution vulnerabilities were disclosed today called ZombieLoad, RIDL, and Fallout.

source
« Last Edit: May 15, 2019, 11:51:47 AM by javajolt » Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page August 02, 2019, 01:22:15 AM