Backup - AOMEI Backupper Network 1.0 centralized backup tool

I would like to mention this product, I did not have time to try it but it seems interesting.

AOMEI Backupper Network 1.0, which is the final edition of AOMEI centralized backup management free tool. 

The homepage of this product: https://www.backup-utility.com/abnetwork.html


Following are some features of AOMEI Backupper Network:
  1. Central Backup
  2. Automatic Scan
  3. Group Client Computers
  4. Schedule Backup
  5. Flexible Backup Rules
  6. Complete Backup Settings
  7. Logs Report
  8. Remote Client Management
  9. Cross-segment Backup
  10. Add Offline PCs
  11. Installation Package with Authorization Code
  12. NAS/Share Management
  13. Email Notification
  14. Create Log Report

About licensing you could review this comparing licence link:

Graphical - Images engine search website and photo collection websites

Today I going to update an old article and adding fresher information:

https://www.alessandromazzanti.com/2010/12/motore-di-ricerca-per-immagini.html

  1. http://www.veezzle.com/
    It is a portal website that seek images shared on other websites like Flirk, Picasa like freely usable photos found surfing on web.
  2. A good alternative could be Dreamstime as well.
  3. About vectoria images you could find interesting this blog post too (Vectorizados.)
  4.  https://www.canva.com/photos/Canva has millions of high-quality stock photos to use for all our design needs. Their collection includes both premium and free stock photos, and we can find the latter here:
    https://www.canva.com/photos/tag/free+photos/.They have recently put together this resources because their users have found it useful.

Manual - Cloud Migration Essentials: A guide to migrating servers and virtual machines

Today I would like to indicate this free Microsoft e-book that guid you on migration processess and actions to move VM to cloud:

https://azure.microsoft.com/en-us/resources/cloud-migration-essentials-e-book/en-us/?MC=OnPremInf&MC=DataMgmt&MC=MSAzure


Here they are major topics that you would read/get confidence on:

  1. Approach your cloud migration.
  2. Discover and assess your servers, virtual machines, and applications.
  3. Confidently execute your migration.
  4. Optimize and adjust your cloud services and resources. 


Scripting - Ping date and time log creation and real time view

Often it could be useful to ping a remote host and save information with date and time indication as well. Useful for statistical and analysis purpose

At the same time it would be very useful to view real time log progress too.

You could get this result following these steps:

  1. Create a .cmd scripting file with this command, in yellow information that need to be customized.
    REMARK: Folder location must exist.

    ping -t xx.yy.bb.dd|cmd /q /v /c "(pause&pause)>nul & for /l %a in () do (set /p "data=" && echo(!date! !time! !data!)&ping -n 2 xx.yy.bb.dd>nul" >C:\tempt\pingtest_xx.yy.bb.dd.log
  2. Utilize CMTrace.exe log viewer tool (for SCCM tool) :

    https://www.microsoft.com/en-us/download/details.aspx?id=50012
  3. Here it is result that appear using previously script and CMTrace conjunctively:

Privacy - European Gdpr and Italian regulation application 25Th May 2018 Due date


During these months there is a lot ferment about new European regulation know as GDPR.

There is an official dedicated website about this argument. They key of new Privacy law is below indicated:

"After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. Enforcement date: 25 May 2018 - at which time those organizations in non-compliance may face heavy fines. 

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. The key articles of the GDPR, as well as information on its business impact, can be found throughout this site."

Key changes are here indicated.

More resources might be found here.


<=======>

Meanwhile, about italian country, I would like to mention this .PDF file that give a quickly overview about changes that are going to be requested/applied.

I am going to share this link and file for whom that would like to have an overview.

Guida all applicazione del Regolamento UE 2016 679.pdf (3273 k)

There is an interesting website feature that permit you to listen to document

To be strictly updated with Garante della Privacy (italian and English languages are available) there are RSS too.

[update 2018.05.01]

I would like to mention this article that explain that, if European citizen data are treated in any other country (external European community), that data need to managed following GDPR regulation, here it is an interesting article that well explain concept

https://www.technologyslegaledge.com/2017/06/global-reach-of-the-gdpr-what-is-at-stake/#page=1

[update 2018.06.17]

I would like to mention this .pdf Microsoft link about ""

Download "Microsoft's Journey to Compliance" .pdf

Microsoft link explanation:

https://resources.office.com/ww-landing-M365E-GDPR-microsoft-journey-to-compliance-ebook.html

Hacker - WannaCry decrypting tools and mitigation Microsoft actions checklist

Today I would like to make a quickly zero point about Wanna Cry Malware diffusion, tools and theoretical info availability.
  1. Decrypting tools: Here it is a web site that permit, after to be sure to have successfully cleanup your device, to download and launch decrypting tool.
    It is important to read, as first step, how-to guide.
    On website there is a section where upload .txt files and encrypted files to check if a decrypting solution is available.
  2. GandCrab: Against this new ransomware, that appeared this January 2018, at the end of February security firm Bitdefender, Police, and Europol gained access to the GandCrab Ransomware's Command & Control servers.
    This action permitted to recover some of the victim's decryption keys and create below tool:
    Download: BitDefender GandCrab Decrypting tool
    REMARK: v2 appeared and decription tool is not available for this kind of virus.
  3. Here it is an excellent Microsoft powerpoint.
  4. Here it is Microsoft webinar "Protect Against Rapid Cyberattacks (Petya, WannaCrypt, and similar", this explain:
    -  How these attacks work
    - Microsoft's road map of prescriptive recommendations
    - Q&A / Gather feedback on your top challenges with adopting these recommendations.
  5. Interesting Microsoft link "Securing Privileges Article"
  6. From this Microsoft Article I would like to highlight on actions to mitigate risks with some photos:




I am intending to, month by month, add updates and new articles, stay tuned then.

About Wannacry you could review these previously blog posts.

Previously blog posts:




Manual - Azure Strategy and Implementation Guide download for Free

I would like to mention that Microsoft give you capability to download for free below Manual.

This e-book well apply for those who are new to Azure or in the beginning stages of planning a cloud migration: the Azure.

Download link

Here they are chapter names as well:

Chapter 1: Governance
Chapter 2: Architecture
Chapter 3: Application development and operations
Chapter 4: Service management

Scripting - How to copy ACL from one folder to another

You could have necessity to clone ACL that are in place to a single folder to another one.

Here it command syntax that you should use for that:

Get-Acl -Path “Source Path Folder” | Set-Acl -Path “Destination Path Folder”

Windows 10 - Microsoft links about top 10 support solutions and configure tips

I would like to mentions two microsoft links, related to windows 10, that indicates top 10 solutions related to windows 10 (and patch status/list as well) and other configure windows 10 solutions that could be useful for your normal windows 10, here they are:




Have a nice reading.

Tips - Remote connect to PC turned off or with no O.S. using Intel AMT Active Management Technology

Intel AMT (Active Management Technology) is a remote control technology integrated into PC Intel vPro platform hardware based component. 

Most of latest laptops has Intel vPro enabled. 


You could use this technology to give remote support, consider that Intel AMT allows you to control a remote computer that has no OS or even power on if its off.

First step that you should do on your pc/laptop it is to enable AMT.

You could utilize these articles:

  1. Intel 
  2. blog

After that you need to download meshcommander tool  (otr other similar tools) to connect to pcs.


Linux - SQL installation MVA tutorial

As mentioned in earlier blog post SQL could be installed on Linux server as Well.

Microsoft released, last year, SQL binaries for Linux too.

Linux - How to install MS SQL and .NET on several Linux distributions
http://www.alessandromazzanti.com/2017/03/linux-how-to-install-sql-server-on.html

Due to this fact I would like to mention this MVA Microsoft video tutorial that go deeper on this topic:

https://mva.microsoft.com/en-US/training-courses/installing-configuring-and-managing-microsoft-sql-server-on-linux-18305?l=Z4MuSOc2E_2113214697


Windows 10 - Enable diagnostic command prompt with 1703 or later versions

During Windows 10 upgrade process and pressing SHIFT + F10 you  would have possibility to launch and use diagnostic command prompt to verify upgrade status, log viewing and other tasks.

Due to Microsoft security aspect attention this feature was disabled with 1703 version and later.

Using SCCM or this O.S. upgrade process you need to:


  • Add a Set Task Sequence Variable step before the Upgrade Operating system step in the Upgrade Task Sequence, like so.
    Task Sequence Variable: Set OSDSetupAdditionalUpgradeOptions
    Value: /DiagnosticPrompt enable
If you launch from command line Windows 10 O.S. upgrade phases you need to launch setup.exe as below:

/DiagnosticPrompt {enable | disable}Specifies that the Command Prompt is available during Windows Setup.

Enable: The Command Prompt can be accessed by pressing Shift+F10 during Windows setup.

Disable: The Command Prompt is not available during Windows setup. The Command Prompt wil not be available while offline and OOBE phases are running. This is the default setting.
Example:

setup /DiagnosticPrompt enable

This setting is new for Windows 10, Version 1703.





Server - MAP Toolkit 9.8



Today I would like to mention the new MAP Toolkit version 9.8 availability.

This is a tool that helps organization:

  • Assess their environment.
  • To have software reporting status to generate usage report
  • Track usage (O.S. & Sw) and preparing a migration to Windows Azure virtual machines.
  • It helps increase the agility and cost effectiveness of deploying the latest Microsoft technologies
Here they are sw/o.s. that apply it:


  1. Exchange Server 2016.
  2. SharePoint Server 2016. 
  3. Windows 10 and previous versions
  4. Windows Server 2016 and previous versions.
  5. Office 2016, Office 365 and previous versions.
  6. It track usage of Windows Server 2012, SharePoint Server 2013, and Exchange Server 2013, 

Download and more details could be find here.

Here they are some screenshots:


Microsoft - Windows client Lifecycle

Today I would like to mention this Microsoft article that point to Microsoft Clients O.S. Lifecycles:

https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet

Windows 10

Windows 10 version historyDate of availabilityEnd of service 
Windows 10, version 1709October 17, 2017April 9, 2019** 
Windows 10, version 1703April 5, 2017October 9, 2018**  
Windows 10, version 1607August 2, 2016April 10, 2018** 
Windows 10, version 1511November 10, 2015October 10, 2017** 
Windows 10, released July 2015 (version 1507)July 29, 2015May 9, 2017 
* Home edition does not support the deferral of feature updates and will therefore typically receive a new version of Windows 10 prior to the end-of-service date shown.
** Enterprise and Education editions for versions 1511, 1607, 1703 and 1709 will receive an additional 6 months of servicing after the end of service date.
Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period. 
Enterprise LTSB editions 

Windows 10 version historyDate of availabilityMainstream support end dateExtended support end date
Windows 10 Enterprise 2016 LTSB
Windows 10 IoT Enterprise 2016 LTSB
August 2, 2016October 12, 2021October 13, 2026
Windows 10 Enterprise 2015 LTSB
Windows 10 IoT Enterprise 2015 LTSB
July 29, 2015October 13, 2020October 14, 2025
Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period. 
Windows 8.1 and 7

Client operating systemsEnd of mainstream supportEnd of extended support
Windows 7, service pack 1*January 13, 2015January 14, 2020 
Windows 8.1January 9, 2018January 10, 2023
* Support for Windows 7 RTM without service packs ended on April 9, 2013. Be sure to install Windows 7 Service Pack 1 to continue to receive support and updates.

Extra IT - Lorenzo International Real Estate

Today I would like to mention several websites related to a California Broker, CIPS realtor, specializing in Italian Real Estate.


Linkedin profile: www.linkedin.com/in/pierolorenzo
Company Web Sites: www.pierolorenzorealtor.com &  www.pierolorenzo.kw.com
&  www.lorenzorealestate.us
Facebookwww.facebook.com/lorenzorealestate.us

Few years ago we had opportunity to rent an apartment thanks to his intermediation, with satisfaction, in Florence.

Consider that after 13 years as a Real Estate Broker with his own agency, Prince Immobiliare (Florence) he moved, with his wife, to hometown of Santa Cruz, California, in February of 2015.

His mission is to give professionalism support to sellers and buyers thanks his real estate intermediation

It is important to remark that he have italian Real Estate License and a Californian Real Estate Broker License too.

Afterward, if you are going to sell your home, consider that he has a global real estate, he is  GPS (Global Propery Specialist) member and a CIPS (Certified International Property Specialist) designee helped by an huge network of colleagues all over the world to help find buyers.

Finally you should consider that his personal real estate history was mentioned on this important Italian newspaper. This article was discussing about fact that several Italian talent s guys left their country to find more job opportunities and to have their talents recognized and rewarded as well.

https://www.ilfattoquotidiano.it/2016/11/24/riparto-da-zero-in-california-come-agente-immobiliare-e-rischioso-ma-in-italia-non-ce-entusiasmo/3212443/#disqus_thread

You could review presentation video at following web link

http://videos.weebly.com/uploads/7/8/4/8/78480480/lorenzo_international_real_estate_955.mp4




Automation - Domotics for home purpose with Arduino & Android devices & Souliss (open-source SmartHome framework)

In precedent blog posts we mentioned possibility to apply domotic in any home using Arduino & Blink server.

With this new blog articles we would like to mention Souliss product that it is an open-source SmartHome framework to empower your Arduino and Android devices.

This solution does not require any Server (as mentioned in this old blog article) but only an Android device with SoulisApp installed that interface directely with Arduino microcontroller connected through LAN ( Lan card or Wifi)

Arduino it is a C++ programmable micro-controller that could be used in conjunction with Souliss product.

Souliss is an IOS/android application that dialog with Arduino for remote command purpose.


Latter step would be to intregrate it with openHab  to have historical trends and for more complexes automation requirements.

Following images will help you on better focalize about advantages and infrastructure:

souliss

souliss

I am mentioning old blog article that refer to friend's company

It is in italian language but it could be useful to have an overview about opportunities given from domotics/home automation:
APPENDIX:

Domotics/Home automation is growing day by day as a new market technology field applied to constructions/home apartments.

"It involves the control and automation of lighting, heating (such as smart thermostats), ventilation, air conditioning (HVAC), and security, as well as home appliances such as washer/dryers, ovens or refrigerators/freezers. Wi-Fi is often used for remote monitoring and control. Home devices, when remotely monitored and controlled via the Internet, are an important constituent of the Internet of Things. Modern systems generally consist of switches and sensors connected to a central hub sometimes called a "gateway" from which the system is controlled with a user interface that is interacted either with a wall-mounted terminal, mobile phone software, tablet computer or a web interface, often but not always via Internet cloud services.

While there are many competing vendors, there are very few worldwide accepted industry standards and the smart home space is heavily fragmented.Manufacturers often prevent independent implementations by withholding documentation and by litigation.

The home automation market was worth US$5.77 billion in 2013, predicted to reach a market value of US$12.81 billion by the year 2020." Read more here

Graphics - DesignEvo online logo maker

Today I would like to mention DesignEvo, an easy-to-use online logo maker useful to create professional logos

This software has:
  1. 3000+ fully customizable logo templates.

  2. Over one million icons available.

  3. Various editing tools.


If you like you could take a tour viewing this youtube Video.


Recovery - Stellar Phoenix Windows data recovery – Home 7.0

Today I would like to mention this tool "Stellar Phoenix Windows data recovery – Home 7.0"

This is a recovery software that permit to:

  1. Find lost or deleted documents from Inaccessible Hard Drives.
  2. Perform Office Documents, Presentation & Archive Files recover.
  3. Recovers Lost Data from Corrupt, Formatted & Virus Infected Drives.
  4. Quick & Deep Scan.
  5. Mobile Phone Recovery.
  6. Recover lost partitions.
Software requirements:

Windows 10, 8.1, 8, 7, Vista & XP, 1 Gb. free ram, 50 MB. Free disk space

Official download and purchase link:


If you are interested you could review more blog recovery articles here:







Security - Cloud Hacker considerations

I would like to focalize on Trojan aspect applied to Cloud services and relative user accounts.

Trojan could be easily installed on any pc/devices (For example visiting an unknown hackered website)

The concept it is simple: If you have a Trojan that intercept your Cloud user credential you are going to be in a very critical situation. (risk would increase if double authentication would not active on your cloud account)

Credentials could be used to stole your critical data/access to your company servers and be sold from criminals.

A very useful mitigation actions could be start using  next generation antivirus providers that utilizes machine learning indeed than standard AV (this method use  signatures as the primary detection mechanism)

Full interview and details could be found reading this article:

https://www.techrepublic.com/article/how-trojans-steal-credentials-and-attack-cloud-services/



If you are interested you could review these old blog articles/sections:

Cloud

http://www.alessandromazzanti.com/search/label/Cloud

Microsoft Azure

http://www.alessandromazzanti.com/search/label/Windows%20Azure



[update 2018.06.17]

I would like to indicate this Micorosft security video/lessons:



https://mva.microsoft.com/en-US/training-courses/hybrid-cloud-workload-protection-with-azure-security-center-18173?l=Ld0LK42jE_006218965

Tools - OCR On line converter

Today I would like to mention an interesting website that permit you to extract text from PDF and images (JPG, BMP, TIFF, GIF) and convert into editable  Word, Excel and Text output formats.

More verbosely:

Source Formats:


  • PDF (All types of PDF files including multi-page PDFs)
  • TIF/TIFF (Multipage TIFFs supported)
  • JPEG/JPG
  • BMP
  • PCX
  • PNG
  • GIF
  • ZIP files containing the above types of files can also be uploaded.

Image quality is one of the most important factors that improve quality of recognition. A resolution of 200-400 DPI for input images is best for recognition.

Maximum input file size : 200 MB

Destination Formats:

  • Adobe PDF document
  • Microsoft Word document
  • Microsoft Excel document
  • RTF document
  • Text Plain
https://www.onlineocr.net/

Security - CPU Spectre and Meltdown Bug



During previously months it was revealed CPU bugs that are affecting near all produced CPU.

Security it is one of the most warm argument that is growing, correctly, day by day importance (First of all due to global internet devices interconnection).

At actual stage several vendors and O.S. providers released O.S. patches.
Some of these fixes was deployed to mitigate risks.

Consider that one of these bug (Spectre ) need devices firmware upgrade.
In other cases antivirus software upgrade it is necessary before patch/firmware installation.

So I am going to create a blog article with info collected reading several technical documents/articles (indicated at end of article for easily reading)

My idea it is to release minor revisions article updates, during next months, adding fresher information.

  1. Intel CPU produced during these last 10 years are affected from security critical issues.
  2. On these CPUs Intel left an open channel between kernel protected memory and normal user processes.
  3. This design error could permit, to access this memory area, to programs executed at user level permissions, (Java scripts browser app too), permitting sensible data read/stolen (including login and passwords).
  4. It seems that Intel was already aware about this problem but did not notify this information to major O.S. players to strictly work to fix it.
  5. ServerWorkstationPCTabletSmartphone and Smart Devices are impacted. 
    1. Affected chips include those manufactured by IntelAMD, and ARM, which means all devices running Windows operating systems are potentially vulnerable (e.g., desktops, laptops, cloud servers, and smartphones).
    2. Devices running other operating systems such as AndroidChromeiOS, and MacOS are also affected.
  6. CLOUD is impacted too. 
    1. Meltdown could be particularly dangerous on unpatched cloud platforms, due to the possibility of malicious code inside a virtual machine being able to read data from the memory of the underlying host computer, with the threat that one cloud customer could steal data from another.
    2. CPU performances decrease would be between 5% up to 30%. (these performances problems would be a big issue for cloud providers like Azure, Amazon....)
  7. REMARK: 
    1. Hotfix need to have kernel code partially rewritten:
      1. Furthermore kernel and end user memory process separation (Kernel Page Table Isolation (KPTI)) would deeply impact on performances too.
    2. Some old CPUs could not be upgradable.
    3. Patches released are working so deep at kernel level that some AV are not compatible (a.e. Microsoft if informing customers that before begin patching process, you should verify that your antivirus (AV) software is up to date and compatible (check your antivirus software manufacturer's website for their latest compatibility information).

MICROSOFT :
Starting in January 2018, Microsoft released updates for Windows operating systems, Internet Explorer and Edge browsers to help mitigate these vulnerabilities and help to protect customers. They also released updates to secure their cloud services.
Here they are  Microsoft Articles:
Protect your Windows devices against Spectre and Meltdown
https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
Update to disable mitigation against Spectre, Variant 2
https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2

From Microsoft January 2018 Security Updates

Operative SystemUpdate KB
Windows Server, version 1709 (Server Core Installation)4056892
Windows Server 20164056890
Windows Server 2012 R24056898
Windows Server 2012not yet available
Windows Server 2008 R24056897
Windows Server 2008not yet available
Windows 104058702
Windows 8.14056898
Windows 74056897

NOTES

Patches released are working so deep at kernel level that some AV are not compatible (a.e. Microsoft if informing customers that before begin patching process, you should verify that your antivirus (AV) software is up to date and compatible (check your antivirus software manufacturer's website for their latest compatibility information)
LINUX has released patches.

APPLE Has indicated that all iPhones, iPads and modern Mac devices are affected by Meltdown. Bullettin link.

ANDROID/GOOGLE bullettin link.
TECHNICAL PART:
  1. This bug has two variant types:
    1. Meltdown (32/64 bit - It permit to read private kernel memory):
    2. It impact all Intel CPUs produced from 1995 to 2013 -Haswell Xeon series included.
    3. CPU ARM Cortex A15, A57 A72 e A75 impacted
    4. REMARK:Patches was released to fix Meltdown and Spectre 1 variant bugs for o.s. and virtual machine vendors.
    5. You can learn more about these vulnerabilities at Google Project Zero
  2. Spectre (32/64 bit - It permit to user-mode applications to estract processess information) 
    1.  It impact all Intel CPUs produced till now.
    2.  It impact some ARM CPUs Cortex A15, A17, A57 A72, A73, A75, R7, R8, A7, A8.
    3.  It impact some AMD CPUs Ryzel, FX ed Pro.
    4. REMARK: Fixes about bug Spectre variant 2 require computer firmware update.These updates are being issued by chip manufacturers and designers such as Intel and Arm. Sometimes  it may require also operating system kernel update.
    5. REMARK 2: Because of the difficulty in addressing Spectre, patches generally mitigate risks from attacks, rather than blocking them completely.
    6. You can learn more about these vulnerabilities at Google Project Zero.

  3. Modern processors accelerate the rate at which they execute instructions by loading data into the processor's on-board cache memory ahead of when it's needed. Data can be retrieved from this on-board cache far more rapidly than from the computer's main memory.

  4. If a processor is executing a set of instructions that branches depending on the input, then processors will try to guess which branch of instructions is most likely to be executed and load the necessary data into the processor's cache. These processes, called Branch Prediction and Speculative Execution, are what can be exploited by Spectre attacks.
  5. Meltdown works slightly differently, taking advantage of a privilege escalation flaw that allows any user able to execute code on the system to access protected memory. 

[original articles]

https://www.achab.it//achab.cfm/it/blog/achablog/meltdown-e-spectre-cosa-deve-sapere-e-fare-un-msp


http://www.lastampa.it/2018/01/09/tecnologia/news/lultima-patch-di-sicurezza-windows-non-fa-pi-avviare-i-computer-amd-microsoft-sospende-gli-aggiornamenti-44j9a7tUG3GsQ1m1T6vxjO/pagina.html


https://www.techrepublic.com/article/spectre-and-meltdown-cheat-sheet/


https://meltdownattack.com/#faq-advisoryhttps://meltdownattack.com/#faq-advisory


https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown


Protect your Windows devices against Spectre and Meltdown

https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
    Update to disable mitigation against Spectre, Variant 2
    https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2


    You can learn more about these vulnerabilities at Google Project Zero.


    [update 2018.02.17]

    Oracle is impacted too, I forgot to mention previously

    Oracle Linux (ELSA Security Advisory):

    [update 2018.02.19 ]

    Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems

    https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/

    [update 2018.03.04]

    Microsoft has published guidance for IT Pros that outlines the steps Microsoft has taken as well as steps you can take to take advantage of all available protections.

    One action that you can take immediately is to ensure that your computers are able to reach the following endpoint:

    http://adl.windows.com



    This may involve adding this URL to your company’s whitelist which may require approval from your security group.  This endpoint is used to communicate updates to Microsoft’s compatibility information with client computers.  By ensuring your computers can reach this endpoint, you can help them get the most up-to-date information Microsoft has available about supported antivirus solutions and versions, security update statuses, etc.

    more details here