Fake Spectre and Meltdown patch spreads Smoke Loader malware

According to Malwarebytes the link to fake site of the German Federal Office for Information Security (BSI) was distributed through phishing emails. This site has a link to a ZIP archive (Intel-AMD-SecurityPatch-11-01bsi.zip) containing the so-called patch (Intel-AMD-SecurityPatch-10-1-v1.exe), which really is a piece of malware. Upon running it, users will infect themselves with Smoke Loader, a piece of malware that can retrieve additional payloads. The researchers immediately contacted Comodo and CloudFlare to report on this abuse and within minutes the site was blocked.

No more Windows security updates for devices with incompatible antiviruses

Microsoft says that Windows users will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their antivirus software vendor doesn’t change a special registry key in the system registry. The presence of this registry key tells the Windows OS the AV product is compatible and Meltdown and Spectre patches are available for installation.

Performance impact of Spectre and Meltdown patching on Windows Systems

Terry Myerson wrote in a blog post the summary of what Microsoft has found so far. With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU) they expect most users to notice a decrease in system performance. That’s because older versions of Windows have more user-kernel transitions, such as font rendering taking place in the kernel.

With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show “more significant slowdowns”, but with Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU) Microsoft doesn’t expect most users to notice a change because these percentages are reflected in milliseconds.

HP silently installs telemetry client on its customers’ PC

HP customers on various forums report about the appearance of HP Touchpoint Analytics Client on their devices, which they did not install themselves, which runs in the background, and, presumably, slowed down system significantly. An official description of the software says that the program “harvests telemetry information that is used by HP Touchpoint’s analytical services”. How to remove unwanted service describes Martin Brinkmann (Martin Brinkmann) from the gHacks.

More information how to disable telemetry on Windows 10 in our article:

Skype will discontinue the option to sign in via Facebook

To continue using Skype, users need to sign in with an existing Microsoft account or create a new one. According to company, using a Microsoft Account will enable user to login-in via single sign-in, unlocking all his Microsoft services including Skype, with just one password. Currently, using Facebook account to sign in to Skype is not supported on Skype for Windows 10, the new Skype for Android and iPhone, and the new Skype for Windows, Mac, and Linux. Microsoft on its support page offers simple steps to transfer user’s information to a new or existing Microsoft account to continue using Skype without disruption.

Intel identified several security vulnerabilities in Management Engine, Server Platform Services and Trusted Execution Engine

The company’s engineers identified several security vulnerabilities in Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE). According to Intel, among the affected products are some of the Core, Xeon, Atom, Pentium and Celeron processors. Intel has released a downloadable detection tool that allows users to analyze their system for the vulnerabilities identified in security advisory. Link to download the tool is posted in the report.