Intel just released information which microcode updates are bad and should not be used, and which ones should be used instead:
https://newsroom.intel.com/wp-content/up…te-guidance.pdf
@Snurg :
Welcome to the Win-RAID Forum and thanks for your contribution!
Regards
Dieter (alias Fernando)
Intel also released microcode CPU for Linux, which allows to fix the vulnerabilities of Specter and Meltdown without updating the BIOS on the computer. https://downloadcenter.intel.com/downloa…ocode-Data-File Microcodes are available for 40 different versions of Linux, but work only with some models of Intel processors.
It is not difficult to install a microcode data file, since such files are usually released for Linux distributions in the form of updates. To install the update, it’s best to use the Package Manager included in the distribution. Users of Debian and Ubuntu need to resort to the apt (advanced packaging tool) program. The package manager will also install all dependent objects, such as the iucode-tool. To install the microcode on Redhat and Centos, you need to use yum and search for microcode_ctl. But I dont know who uses Linux nowadays, when I worked at homework doer https://wedohomework.net we had few Linux`s, but it was long time ago. Does anyone here uses Linux?
Intel’s latest guidance is to avoid this update, which has stability issues. An even newer version should be available within two weeks.
Can someone post Intels advisory from above inline to the thread? I cant see that link. Thanks.
That one seems newer? Do you need the old one?
Thanks for posting that! Going crazy looking for it! Thanks
Doesn’t mention 906E9 revision 84 ?? If I remember correctly Intel also said stay away from 906E9 84?
Thanks Fernando,
Was just curious about 906E9-84. Did not see it mentioned in the advisory though I see Sonix mentioned adding it into his last Ubu release so I assume its safe and recommended for use? Thank you.
@dvidm71:
As far as I have invesigated the content of the related Intel site, it doesn’t contain a list of “secure” Microcodes for the various CPUs, but links to
a) Security Updates published by the OS and Hardware Vendors and
b) Security Information given by the Mainboard and System Manufacturers.
@Fernando :
My point is that the Intel Guidance Sheet does not mention ver 84 of 906E9. It stops at ver 80. Maybe they Intel will release a new advisory soon but I suspect since Intel is not in the business of releasing microcodes so frequently after another that 84 must fix the system reboot issue that came with ver 80. For example on 506E3 revision C2 was eventually put back on the ‘Safe to use’ list by intel. Regarding 906E9 Rev 84 I would feel better hearing from Intel first before I use it.
Thanks
@RockyBalboa
Why do you ask for Linux?
The extractor program all the Linuces use is the same: https://gitlab.com/iucode-tool
But Intel supplies the new multi-blobbed microcode format in the intel-ucode directory.
These are just all microcodes for a particular family-model-stepping concatennated. You can use my utility’s cpupdate -x option to extract them.
https://github.com/kernschmelze/cpupdate
It is written for FreeBSD. But if you strip the system-dependent parts I think it’s easy to port to Windows.
But I guess Platomav will have something like that for Windows already
Edit:
Look at the document lfb6 linked to above. It is important and revealing
I got news of that just today