01-02-2018 11:05 PM - last edited on 03-06-2024 09:57 PM by ROGBot
11-17-2018 11:31 PM
03-05-2019 09:11 AM
03-05-2019 05:40 PM
03-05-2019 05:56 PM
pokuly wrote:
When you also want to mitigate Speculative Store Bypass (SSBDWindowsSupportEnabledSystemWide : True) you have to use these values for the reg:
Tested with my i8700 Coffee Lake
"FeatureSettingsOverrideMask"=dword:00000403
"FeatureSettingsOverride"=dword:00000408
03-05-2019 06:05 PM
Brighttail wrote:
Does this give you any measurable increase in M.2 / SSD speed?
03-05-2019 06:28 PM
pokuly wrote:
If anything it decreases performance by a minimal amount since you mitigate another vulnerability.
CrytalDiskMark is pretty much the same with my RAMdrive and still by the same amount faster against non activated recent kernel changes.
The MS script outputs:
BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
BTIKernelRetpolineEnabled : False
BTIKernelImportOptimizationEnabled : True
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True
SSBDWindowsSupportPresent : True
SSBDHardwareVulnerable : True
SSBDHardwarePresent : True
SSBDWindowsSupportEnabledSystemWide : True
L1TFHardwareVulnerable : True
L1TFWindowsSupportPresent : True
L1TFWindowsSupportEnabled : True
L1TFInvalidPteBit : 45
L1DFlushSupported : True
05-14-2019 09:28 PM
05-15-2019 06:06 AM
geneo wrote:
CDM with RAM cache isn't a good measure of anything.
05-31-2019 06:48 AM
05-31-2019 09:52 AM
geneo wrote:
Microcode is loaded into the processor by the BIOS. If an installed Microsoft update has a newer version of the Microcode than what was loaded by the BIOS, then Windows loads that updated Microcode into the processor early in the boot. If someone has the level of access to your system to alter the microcode, they already have enough access to do your system harm anyway.
You often do not get these microcode updates from Microsoft automatically through Windows Update - you need to fetch the update and install it manually. As mentioned, if you uninstall the microcode update, it won't be loaded and may leave you open to someone exploiting the vulnerability it protected against.