Hi,
I kind of have a healthcare related question regarding the Spectre Meltdown flaws such that I wonder if the patches out there are secure enough for privacy healthcare concerns?
If you use program or site for healthcare just be sure you don`t have 100500+ tabs opened in browser (especially tabs for porn, torrents and other shady stuff) at the same time. Made sessions with this healthcare thing standalone (i.e. isolated).
@mbk1969
I have seen and downloaded from Intel site the "microcode.dat" file you refer (dated on 8th January 2018).
I understand that folder named "intel-ucode" is unuseful for Windows users.
How do you extract from the "microcode.dat" file the proper bin-files for a given CPU to be used with UBU ?
Any guide lines and specific tool will be helpful ?
For instance, I have a CPUID "0306F2" (Haswell-E Intel Core-i7-5930K, Socket 2011-v3), HWINFO64 told me (under W10 x64) the current applied Microcode Update Version is "3A" and I would like update it (with UBU Tool for my Sabertooth X99 UEFI Bios v3801), if possible , with a new microcode (if available) which does fix the Meltdown/Spectre issues.
I have checked that UBU Tool v1.69.7 does support the socket (platform ID) of this CPU because applying the "3A" Microcode update does not provide any error message (BIOS version is Aptio 5 format compliant).
If this is happening there should be come a Sandy and Ivy Bridge Microcode update dream.
@100PIER
Tool would be MC Extractor Intel, AMD, VIA & Freescale Microcode Extraction Tool Discussion by plutomaniac. He explains the bin-file name pattern here https://github.com/platomav/CPUMicrocodes
Bin-file name contains CPUID, but truncated to 5 digits.
And after you locate proper bin-file you can select it in UBU with menu item “m”.
Or you just download updated UBU with microcode for your CPU
[Tool Guide+News] “UEFI BIOS Updater” (UBU) (15)
@mbk1969
Many thanks for the guiding procedure. I will take time to understand the puzzle.
With the last UBU v1.69.10 a new µCode update “3B” is offered for my CPU Haswell-E.
The “3B” µCode Revision is dated on 17th November 2017.
Do you think this Revision does fix (partially or totally) the Meltdown/Spectre issue which was ‘released’ two months after ?
I have some doubt on a so anticipated fix…
I see also on the forum some negative feedback about the last µCode revisions for some recent CPUs.
For me these revisions have probably not been “strongly qualified”.
My feeling is the recent µCode revisions for Meltdown/Spectre fixing are delivered in “a hurry” mode…
@100PIER I’m not mbk1969, but regarding microcode 3B mentioned by you, I can almost guarantee you that it won’t include a spectre fix as its release date was just too early.
As for the Spectre/Meltdown-patched microcodes, at least for Haswell and Broadwell there were reports those will lead to spontaneous reboots. Now, I’m unsure if this means it will pose a problem for Haswell-E/Broadwell-E as well, but I’d refrain from updating for the moment. Intel has said that if there were problems with the new microcode, they would release a fixed version.
Anything else remains to be seen.
@100PIER I do not agree with Horstfuchs’s analysis. The November 17th date for the Spectre patch is likely correct. Intel first learned about this vulnerability back in early June from one of Google’s researchers who discovered it (read their blog post). Then a long coordination process took place and other researchers independently found the same flaw and joined the effort. Intel had enough time to come up with a mitigation plan and patch. The date for coordinated public disclosure was set for Jan 9, but the information came out earlier when The Register caught wind that something big is going on behind the scenes since Linux patches (KPTI) were being pushed through review unusually fast. This is why Intel’s package with microcodes has a date of January 8, but the individual microcode patches inside have an earlier date. The microcode revision for my Haswell CPU, which has the Spectre patch, is also November 17th. There’s actually a simple and safe way you can verify that without patching the BIOS. Use the VMware driver to temporarily fling the microcode and then use Microsoft’s PowerShell utility to check for hardware mitigation support. Note: This is just for checking, as Windows will not actually enable the corresponding software patch (you need both), because the VMware driver will apply the microcode too late. However, the PowerShell script, since is executed later, will properly display the hardware support status, confirming if the microcode you flinged contains the patch or not. Will try to post a more detailed guide/explanation when I have time.
UPDATE: Check out the information in this thread.
Was wondering if some of these microcode updates are 'Beta’s? Because my 6850k MC patch says ‘B000000025’ as opposed to 25…
Sorry do not remember particulars this morning…
Thank you
Paste a link to where you see ‘B000000025’
Paste a link to where you see ‘B000000025’
https://github.com/platomav/CPUMicrocode…RD_F0B0963D.bin
Sorry one too many 0’s
"Beta" microcodes should be tagged as Pre-Production (PRE) release. That B, or its bits to be precise, most probably means something else. Other microcodes have 0xF, 1, 2 etc there.
Thanks Skello.
Fixing this severe issue is not an easy task…
ASUS will give updates on the Z170. You should wait…
unfortunately the z400 was pulled from this page, and it makes sense because there were lots of them that were sold with nehalem cpus, which do not have the PCID feature.
unfortunately the z400 was pulled from this page, and it makes sense because there were lots of them that were sold with nehalem cpus, which do not have the PCID feature.
The patch for meltdown requires INVPCID (invalidate PCID) witch introduced with Haswell before haswell all have perfomance reduction.
Patch for Meltdown doesn`t require PCID, it just impacts less performance penalty in a presence of PCID (and only on Windows 10, because as I take it MS did not implement support for PCID in Windows 7 and 8)
Its required if u dont want to loose perfomance that was the meaning for my post. But because my natual language is not english u wrote it better.
I got a intel NCU D54250WYB with haswell ULT, the PCID support is enable for me with win 8.1, what funny is although intel release a new bios with the new microcode but when I check it still on the older microcode “1C” which suppose to be "21"
Now I am look for a tools which can check/update the microcode of the intel bios to see what’s going on.
Looks like in UBU 1.169.10 isnt available latest microcode for 2600k. @SoniX could you please update it?
Thank you very much fur such a wonderful work you’ve done for the entire community.