Windows XP users with Intel processors are completely exposed to Meltdown. There will never be any Microsoft updates for Windows XP or XP Embedded to mitigate Meltdown. XP users of AMD processors are much more fortunate (the writer is looking smug).
I am assuming that if Meltdown is implanted somewhere, say in a file, that there would be some recognisable characteristic which will betray the necessary functionality of Meltdown. Is it feasible or possible for software such as Avast to detect Meltdown and neutralise it or place it in a virus chest, either in realtime or with an on demand scan?
I am not so bothered by Spectre as good browser design seems able to mitigate this nuisance, especially Avast’s favoured Google Chrome with its site isolation feature enabled.
Not necessarily - The Intel processors affected by Meltdown are those considered Modern Intel CPUs. I have been looking for a definitive list of CPUs effected but haven’t found one. However, I believe older systems with XP installed are also likely to have older systems and not Modern Intel CPUs.
As me if I’m concerned by this - the answer is NO - I have a robust backup and recovery strategy to be able to recover from serious issues, not just Meltdown.
My 2 Systems still waiting, Asus List shows for my G11CD-K (Kabylake) still shows on there list TBC lol (whatever that means lol) HP for laptop still shows on there list TBD (to likely to be determined lmao)
But all i can do is wait, keep everything up to date, keep Avast enabled and updated, and just be patient at this point
I use Steve Gibson’s Inspectre tool. It tells me that a 2010 Dell Vostro 200 running Windows XP is vulnerable to Meltdown. Also stated to be vulnerable are Pentium 4 and Celeron 3 powered systems from just after the turn of the century (I’m still getting used to ‘the turn of the century’ not being 1900-1901).
As someone else mentioned, a robust backup strategy is one of the best layers of defense against attackers as well as hardware failures, software issues, etc. I’m fortunate to have a recent custom BIOS that is likely immune, but there are always unknown attack vectors. I don’t worry about XP any more than my W10 system, maybe even less.
From what I have read, Meltdown seems to be undetectable once it has installed itself. The key to its long term residence on PCs is that it operates silently and non-disruptively so no one knows that it is active.
Thank you av20 for that bedtime reading. It’s humbling to read these commentaries and to realise that there are people who actually understand this stuff.
You pointed out Microsoft doesn’t support XP. Unless you’re in a corporate environment that wants to live in the Dark Ages for some reason, you should upgrade to Windows 10, assuming hardware supports it. If it doesn’t then going to Windows 7 would still be better as it still has support for a few more years. But if your hardware is that old that Windows 10 can’t run on it then you’ve got bigger issues than Meltdown. Good luck running anything modern that’s process intensive. Your fix is to upgrade what you’ve got including getting a new computer if needed to run the latest version of Windows 10. You may not have to worry about Meltdown with XP but there are so many known attacks that if you really want to be hacked, you just screamed that out loud by advertising you’ve got XP on a A/V forum of all places. You know the bad guys look at these to see what vulnerabilities they might be able to exploit with the software. Now they have icing on top of the cake.
"If you’re using XP, SP3 why not install the unofficial SP4 and get updates "
It’s unofficial that’s why. The limited few companies that do support fixing XP computers will see that you did that and go nope we’re not helping you.
I choose security and stability. If anybody wants to risk that, be my guest, at least I can say I did give fair warning so when something does happen, don’t come crawling back here asking for help.