nVidia release SPECTRE bug patch

[ClarkF1]

nVidia have released drivers to patch SPECTRE exploits.

http://www.pcgamer.com/nvidias-latest-gpu-drivers-includes-a-spectre-fix-and-fortnite-optimizations/

Latest drivers released today: 390.65

 

[ragnar28]

Hi there i seem to not understand how this spectre and meltdown bug works. I was under the impression it was a fault in the cpu's of computers and smartphones and that all you had to do is ( once apple , goog,e windows ,android or whomever release their fix ) you download it and that it all solved. I see here Nvidia has a fix too?

 

[ClarkF1]

It appears nVidia have a similiar vulnerability on their GPUs hence the fix.

 

[ubuysa]

The root of the issue is, I believe from what I've been reading, a feature built in to Intel CPUs (at least) that aims to speed up program execution by executing several instructions at once and then putting the results back together. The tentative results of each instruction execution is held is an area of the processor called a side-channel which can apparently be accessed by user code. The Meltdown and Spectre exploitations work by accessing these side channels and using the data found there to infer information from previous instructions that shouldn't be available and might be a security risk.

In the long term I suspect we're looking at microcode/firmware updates for the affected CPUs and possible even CPU replacements, though how that would be managed I have no idea.

In the short term operating system vendors have modified their code so that user code cannot access side channel data (at least that's my belief). It would seem that Nvidia drivers can also access side-channel code and my guess is the new drivers prevent that.

In short the vulnerability still exists in Intel CPUs (and I think in AMD CPUs too but to a lesser extent) but it's now much more difficult (though possibly not impossible) for malware code to exploit this vulnerability.

 

[petereighton]

I vaguely understand what's going with the CPU but what do I do about it?
I have a PCS desktop and have run the Microsoft script that checks the CPU. The result is only partially OK and returns the message
"install BIOS/firmware update provided by your device OEM that enables hardware support for branch target injection mitigation"
Has PCS done anything about this? If so, how do I get it and use it?

 

[SpyderTracks]

I vaguely understand what's going with the CPU but what do I do about it?
I have a PCS desktop and have run the Microsoft script that checks the CPU. The result is only partially OK and returns the message
"install BIOS/firmware update provided by your device OEM that enables hardware support for branch target injection mitigation"
Has PCS done anything about this? If so, how do I get it and use it?

It will be up to the motherboard manufacturer to release a BIOS/Microcode update for the board/cpu. You have to check their website for updated releases and then check with PCS before applying it.

 

[Devlin]

I just updated BIOS