Yep, nobody panicked then.
-
Competitor rules
Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.
Yep, nobody panicked then.
![[HB]Rugrat](/styles/overclockers/avatars/4.png){kind=avatar}
Associate
- Joined
- 29 Jan 2003
- Posts
- 1,146
Is anyone else getting a bluescreen when rebooting after installing the latest patch? I've been trying to install it for the last three days but each time I reboot, I get a bluescreen - I then reboot, it detects and attempts to install the patch again and the same thing happens. I've seen this reported on older AMD systems but I'm running a 5820k.
Good, concise summary. Thank you.
Yes but no one other than intel (allegedly) knew about it, so it was fairly safe, until a few days ago, now the world nows, so you can bet people are trying to develop expolits.
That risk was far, far lower when it wasn't publicly disclosed.
Obviously, because no-one knew about it...
- Joined
- 30 Jul 2006
- Posts
- 12,130
As you say, "allegedly".
However, some pages ago it was suggested that this anomaly / bug was spotted a year ago (Bloomberg).
I have always assumed that Intel / AMD / ARM / Whoever have, at the behest of Security Services, placed back doors in their chips. I can see no reason why someone with malign intent might not discover these characteristics.
As I understand it, it was Mossad that first reported that Kaspersky might have been used to harvest NSA secrets (The Register), do you really believe that they, the NSA, GCHQ, SVR RF and others don't do their utmost to exploit flaws in systems - all the time?
Soldato
- Joined
- 18 May 2010
- Posts
- 22,960
- Location
- London
So does that mean I should throw my 3570k Z77 pc in the bin?
It's never going to get a BIOS update and even my AMD HD 4350 will not see a driver update either.
It's never going to get a BIOS update and even my AMD HD 4350 will not see a driver update either.
In the same boat here, it goes something like this...
1. Request an updated BIOS from the motherboard manufacturer for your system. You may not get it but it makes it more awkward for them to turn around to so many customers and say no.
2. Research on the web as to whether the BIOS for your motherboard can be updated yourself using a guide and relevant utility software preferably from the makers of the BIOS. eg my motherboard has an American Megatrends / AMIBIOS who I think have a utility for slip streaming certain new files like CPU microcode into a BIOS file.
3. (optional) If you feel uncomfortable with option 2 but know such a utility exists then approach a reputable PC repair shop and ask if its a service they provide.
4. (optional) Install your preferred flavour of Linux so you have a dual boot system and use Linux as the main daily OS and just load into Windows for using Steam or MS Office or some other small subset of software that is very Windows centric. Reduce the amount of software you install in Windows and as I say use Linux as the main OS.
5. Update Browser when next update is available as newer Browser releases should be coming soon that also contain some mitigation for Spectre. In the meantime if you're using Chrome you can enable 'Strict site isolation'. https://support.google.com/chrome/answer/7623121?hl=en-GB
6. Still update Windows with the latest patch as that should mitigate the Meltdown vulnerability.
7. Start using ad blocking software / browser extension to minimise the risk of an attack from a rogue ad being served on an otherwise trusted web page.
Last edited:
For anyone wondering, the latest Intel microcode release (dated 08/01/2018) contains updates for:
KBL-U/Y H0, KBL Y0 / CFL D0, KBL-H/S B0, and SKX H0, one of which might include Kaby Lake-X but I'm not sure). There's also an update for IVT. There is no mention of what is changed or fixed in this release, but we can assume some Spectre fixes are included. Hopefully there'll be a second update in the next couple of weeks and that might show us how many generations will actually get fixes. The full list is as follows:
- Haswell
- Haswell-E
- Skylake
- Skylake-X
- Kaby Lake
- Broadwell
- Broadwell-E
- Coffee Lake
KBL-U/Y H0, KBL Y0 / CFL D0, KBL-H/S B0, and SKX H0, one of which might include Kaby Lake-X but I'm not sure). There's also an update for IVT. There is no mention of what is changed or fixed in this release, but we can assume some Spectre fixes are included. Hopefully there'll be a second update in the next couple of weeks and that might show us how many generations will actually get fixes. The full list is as follows:
Code:
-- Updates upon 20171117 release --
IVT C0 (06-3e-04:ed) 428->42a
SKL-U/Y D0 (06-4e-03:c0) ba->c2
BDW-U/Y E/F (06-3d-04:c0) 25->28
HSW-ULT Cx/Dx (06-45-01:72) 20->21
Crystalwell Cx (06-46-01:32) 17->18
BDW-H E/G (06-47-01:22) 17->1b
HSX-EX E0 (06-3f-04:80) 0f->10
SKL-H/S R0 (06-5e-03:36) ba->c2
HSW Cx/Dx (06-3c-03:32) 22->23
HSX C0 (06-3f-02:6f) 3a->3b
BDX-DE V0/V1 (06-56-02:10) 0f->14
BDX-DE V2 (06-56-03:10) 700000d->7000011
KBL-U/Y H0 (06-8e-09:c0) 62->80
KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
KBL-H/S B0 (06-9e-09:2a) 5e->80
CFL U0 (06-9e-0a:22) 70->80
CFL B0 (06-9e-0b:02) 72->80
SKX H0 (06-55-04:b7) 2000035->200003c
GLK B0 (06-7a-01:01) 1e->22That would only happen if you've got an incompatible antivirus. Which one are you using? https://support.microsoft.com/en-us...ndows-security-updates-and-antivirus-software
This one includes loads of CPU's including Sandy Bridge...
https://downloadcenter.intel.com/download/27431/?product=65520
https://downloadcenter.intel.com/download/27431/?product=65520
Soldato
- Joined
- 18 May 2010
- Posts
- 22,960
- Location
- London
Hmm that's interesting.
Gives mobo manufacturers no excuse really not to release bioses for older boards.
I would say at least Sandy Bridge and up should be supported.
So having no idea about what goes into it, is it a lot of effort to release a new bios for the older boards. How much work is it for the fix to be implemented? Do they just have to take the last stable bios, replace the microcode and then release it again?
Associate
- Joined
- 29 Jan 2003
- Posts
- 1,146
I'm just using the MS defender AV - supposedly compatible... !?
What CPU?
Have you checked the registry to see if you have the following entry?
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat
Name: cadca5fe-87d3-4b96-b7fb-a231484277cc
Data: 0x00000000 (0)
The microcode files in that package are applicable to tonnes of CPUs, that doesn't mean they have been updated any time recently. Check the included changelog, which I posted above. Hell, even the latest microcode for a given CPU in that package might not be up to date: apparently the latest official microcode for Westmere-EP released by Intel was 14, yet there is a version 1D available (extracted from some server motherboard BIOS).
Associate
- Joined
- 29 Jan 2003
- Posts
- 1,146
I'm running a 5820k - I don't have that string in my registry.
According to the following, Defender should have added the registry key. When you go into Defender is it possible to check for updates to see if Defender needs to update, then recheck the registry to see if it has set the reg key?
https://support.microsoft.com/en-sg...ndows-security-updates-and-antivirus-software
Depends what your usage is - for most home users then installing Firefox 57.0.4 (or the equivalent update for other browsers when available) and for extra resilience using an ad blocker will close off most of your vulnerability unless you are downloading a lot of software but then once software is running on your system all bets are off even with good AV.
If the system is operating in a server in some capacity or doing advanced stuff with VMs, etc. then you might be more vulnerable and advisable to replace it with something that can be updated at firmware/microcode and OS level against it.