windows 10 edition WITHOUT spectre/meltdown patches?

Discussion in 'Windows 10' started by jeff69dini, Sep 15, 2019.

  1. jeff69dini

    jeff69dini MDL Addicted

    Nov 22, 2008
    833
    188
    30
    any rtm version that has none of these patches introduced??..... I know subsequent patches may have added to the base rtm edition...
     
  2. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,345
    661
    120
    older versions maybe.
     
  3. John Sutherland

    John Sutherland MDL Addicted

    Oct 15, 2014
    733
    1,038
    30
    #3 John Sutherland, Sep 16, 2019
    Last edited: Sep 16, 2019
    I would venture to guess that any version of Windows 10 that was released prior to January 2106 and that has absolutely zero security updates installed would not be patched for Meltdown/Spectre in any way. Any build released after January 2016 is either partially or fully patched. Is this a theoretical question or are you actually considering doing it?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. maddogster

    maddogster MDL Member

    Mar 23, 2015
    169
    41
    10
    if you running them under virtual or sandboxed or under linux or macos then you can use plain vanilla iso's i guess as long as those third party stuff fully patched and updated :)
     
  5. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    23,978
    33,775
    390
    No third party anything will fix vulnerabilities in an unpatched windows itself.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. maddogster

    maddogster MDL Member

    Mar 23, 2015
    169
    41
    10
    of course you take that chance but you just reboot to run again like embedded and thin clients that clean up cache every reboot if done properly like sandboxed but yes nothing ever safe when you have scoundrel gov/hackers in every country doing cyber/hardware/software hacking these days and worse :(
     
  7. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,765
    11,927
    340
    #11 Yen, Sep 16, 2019
    Last edited: Sep 16, 2019
    The entry creation date for Spectre 1, Bounds Check Bypass CVE-2017-5753 is 01/02/2017. The date where it became public was later, though. (January 2018).
    Official date of discovery is 6/2017 (wiki).

    There was no patch in the year 2017 yet.

    If you want an unpatched OS I suggest to use LTSB2016

    By discovery of Spectre a new era of vulnerability has been born. Side channel attacks and data leaks from cache or buffers. Since it is based on CPU design (and branch prediction) there never will be a complete patch and always new ways that will be discovered and later tried to be patched. Security has been given up to gain CPU speed and patching leads to performance loss and regains security at best.

    The Coffee Lake refresh to prevent Meltdown even makes the I9 more vulnerable to Fallout compared to older hardware.

    Since there are many different hardware / OS combinations out there actually each one would need an own patch plan to get properly patched, but that is hardly possible.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. maddogster

    maddogster MDL Member

    Mar 23, 2015
    169
    41
    10
    and now netcat attacks on intel cpu's since 2012 so more patches to come and more performance hits :(
     
  9. erpsterm35

    erpsterm35 MDL Addicted

    May 27, 2013
    624
    246
    30
    on which Intel cpus? are you being paranoid or something? :p

    my old machines have not suffered any "performance hits" or drops with the recent win10 patches installed.

    as for the OP, he should use either ltsb 2015 or ltsb 2016 (hey my doctor's pc at a local hospital runs ltsb 2015 - I had an appointment with him earlier this September)
     
  10. maddogster

    maddogster MDL Member

    Mar 23, 2015
    169
    41
    10
    sure new machines decent but depends on workloads so you like me don't use workloads that take performance hits yet or never will if we don't use certain software or usage - even my 12 yr old laptops on core 2 duo not any slower other than browsers more bloated and more memory usage depending on number of tabs open :) paranoid i am not but the news is always out on security forums of breaches daily, weekly and so on but i keep going on as long as my machines patched and third party always getting upgraded as well as bios and firmware and drivers updated; and it is all cpu's for now as far as i know until i see different for gen 9 and gen 10 as it was the design architecture so intel is probably bandaiding 9 and 10th gen but that will cause a hit somewhere else or hackers will find other vulnerabilities; don't fret just keep updating as we cannot ever be 100 percent safe in life :) humans are flawed and create flawed stuff -- i just report the news i don't create it :)
     
  11. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,345
    661
    120
    im running patch on one machine I7 first Gen and two I7 third Gen and see much of a slow down.
     
  12. maddogster

    maddogster MDL Member

    Mar 23, 2015
    169
    41
    10
    and add antivirus and security suites always monitoring in memory and then that much more hit :)
     
  13. erpsterm35

    erpsterm35 MDL Addicted

    May 27, 2013
    624
    246
    30
    and speaking of web browsers, the meltdown & spectre patches are also implemented on the browser level and not just the windows os level (oh yes, they're included in modern Firefox & Google Chrome versions)

    and some of my machines use AMD cpus instead of Intel - so I'm not too worried about any performance hits or slowdowns since I barely notice them (like only small slowdowns)