On Tue, Jan 9, 2018 at 1:24 PM, Ted Roche <tedro...@gmail.com> wrote: > On Sun, Jan 7, 2018 at 5:27 AM, AndyHC <a...@hawthorncottage.com> wrote: > >> Having read El Reg's pretty good article [ >> http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ ] I >> would just take issue with the suggestion that the vulnerability could be >> breached by Javascript (malign code in e.g. a jpg maybe, but not just >> javascript in a browser). > > Thanks for the reference. Linux machines were all updated Friday, > Windows machines under my supervision Friday and again Saturday. > Client LAMP boxes onsite were updated Friday, and VPS machines still > seem to be getting updates. Rebooted Friday and again Sunday > afternoon.
And my hosting provider (Linode, good experience) has updated their host machines, requiring another very brief restart on each of my hosted boxes. > >> If you've got a home PC don't worry about state-level actors - if they want >> you they'll get you. Oh but don't let your browser remember important >> passwords, and try to remember to switch off each time after doing your >> online banking. > > And... right on time: "Windows Meltdown and Spectre patches: Now > Microsoft blocks security updates for some AMD based PCs:" > "Microsoft has paused nine operating system security updates after > complaints that they rendered some AMD PCs unbootable." > > http://www.zdnet.com/article/meltdown-and-spectre-now-microsoft-blocks-security-updates-for-some-amd-based-devices/ > And, apparently, security never sleeps, as Microsoft released an updated advisory on Friday night (~5 PM Seattle time, hmmm...) that it was okay to patch AMD machines again. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 Perhaps I'll wait a while on this one, and find out how it works for others... -- Ted Roche Ted Roche & Associates, LLC http://www.tedroche.com _______________________________________________ Post Messages to: ProFox@leafe.com Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/CACW6n4veeSrNOQ10htBaUMSp__6mooARf1j=+gqcE++m=yp...@mail.gmail.com ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.