• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Yet another Intel CPU security vulnerability!

New year, new CPU performance tax...

MSI released new BIOS updates for the Z370 and Z390 motherboards...

MSI Z370 Gaming Pro Carbon (A.90 BIOS, 0xB4 microcode)
NzrZYxn.png

MSI Z370 Gaming Pro Carbon (A.A0 BIOS, 0xCA microcode)
mMybSIV.png
 
Destination said:
A 3% hit, nasty.
Click to expand...

Funny thing is people make such a big deal of these Intel vulnerabilities - but mostly for a desktop user you have to be really unlucky to be exposed even without mitigations (though I highly recommend staying updated browser wise) unless you've made yourself enemies at a state level LOL. While some quite serious and much more useable exploits, including some concerning remote code execution vulnerabilities, have been coming to light in Windows 10 especially over the last few months and no one blinks an eyelid. Granted most of these Windows vulnerabilities can be closed with minimal if any performance/feature loss and mostly MS have been fairly quick in getting fixes out but still the sheer number that have come to light and how many should not have even existed in the first place raises a lot of questions.

EDIT: Not saying people should be complacent about these Intel vulnerabilities, especially not in multi-user/server environments where they are far easier to utilise.
 
Last edited:
More?? Flippin heck what are the cumulative totals up to now?
Are intel cpu's going to get so many nerfs that they eventually make a p4 look fast :p

Even though a lot of these are not currently impacting a normal gamers desktop ... i wouldnt be too happy running my system knowing its full of holes, i patch everything on this 5820k and i swear it feels slower than before even with a fresh OS.
Maybe its just in my head.
 
sideways14a said:
Maybe its just in my head.
Click to expand...

Something that can happen with software/firmware changes like this is though you don't get a big average performance change you might see intermittent latency spiking per frame/tick if periodically sanity checks, etc. have to be done - which can/will be felt as sluggishness.
 
Rroff said:
Funny thing is people make such a big deal of these Intel vulnerabilities - but mostly for a desktop user you have to be really unlucky to be exposed even without mitigations.
Click to expand...

Depends what people consider a security issue (or a big deal) as i can't imagine the privacy nuts that use VPNs being very happy with the new iGPU Leak for example. :)

https://www.phoronix.com/scan.php?page=news_item&px=Intel-iGPU-Leak-Details

The researchers do mention that the extent of the browser vulnerability appears to be with website fingerprinting attacks for identifying users but at least not compromising their system data.
Click to expand...
 
Ice Tea said:
Depends what people consider a security issue (or a big deal) as i can't imagine the privacy nuts that use VPNs being very happy with the new iGPU Leak for example. :)

https://www.phoronix.com/scan.php?page=news_item&px=Intel-iGPU-Leak-Details
Click to expand...

My intention wasn't really to down play the Intel vulnerabilities but relatively speaking they are mostly less likely to be leveraged against a desktop user than some of the more recent Windows 10 ones yet there is hardly any comment on those.

I was a little dismissive on the iGPU one as aside from some tablets I don't even use Intel iGPUs.
 
Ice Tea said:
https://www.phoronix.com/scan.php?page=news_item&px=Red-Hat-CVE-2019-14615

Instead of patching Redhat wants users to remove and disable the iGPU regardless if they use it.
Click to expand...
Not really an option on my backup NAS machine since it has no other GPU. 99% of the time I access it headlessly but every now and then I need to use it locally so I can't just disable the iGPU. If there was a microcode update that fixed the vulnerability but reduced the iGPU performance by 50% that'd be fine for me. MSI will never release an official update for my motherboard (last one was in 2013) but maybe I can do it myself (again, sigh).
 
From what i understand they are trying to reduce the performance hit but all these various patches add up even if it's a few percent here and there.
 
DragonQ said:
Not really an option on my backup NAS machine since it has no other GPU. 99% of the time I access it headlessly but every now and then I need to use it locally so I can't just disable the iGPU. If there was a microcode update that fixed the vulnerability but reduced the iGPU performance by 50% that'd be fine for me. MSI will never release an official update for my motherboard (last one was in 2013) but maybe I can do it myself (again, sigh).
Click to expand...

I'm in same boat.

The sheer amount of vulnerabilitys now on Intel chips is getting ridiculous.

I'll be a lot happier when I switch the Server/NAS over to an AMD chip TBH
 
pete910 said:
Not just laptops, A lot have intel based NAS/Servers . Thats where the biggest risk is with all these vulnerabilitys. Then there's the perf hit to cap it off
Click to expand...

Yeah I was big fan of the Xeon E3 but needing to disable HT and the IGP makes them a lot less useful.
 
pete910 said:
I'm in same boat.

The sheer amount of vulnerabilitys now on Intel chips is getting ridiculous.

I'll be a lot happier when I switch the Server/NAS over to an AMD chip TBH
Click to expand...
Yeah my main server is running an R7 1700 with ECC RAM. Very glad I chose that solution now, and there's plenty of upgrade capacity with Zen 2 and Zen 3 too.
 
You must log in or register to reply here.
Back
Top Bottom