Kernel memory leaking Intel processor design flaw

Scottyboy99 said:

What if a user doesn’t update their BIOS. Most wouldn’t I’d imagine. I mean most of my family no nothing of a BIOS and trust windows update. I’d wager this goes for majority of windows users

intel and MS needs a better solution than relying on people to update a BIOS ontop of windows update

The only thing that can be done in BIOS to circumvent these vulnerabilities is to load new microcode. That can also be done through Windows Update. Windows can load microcode into the processor early in the boot process.

I imagine Wintel will do this for the general public - provide new critical microcode, if there is any, through Windows update.

Remember to add an extra layer of security to your browsers as well.

Even a browser with JavaScript enabled can be used as an attack vector.

Firefox, apparently, addressed the issue yesterday with the 57.0.4 patch, but,
in Chrome, it would be prudent to enable Strict Site Isolation!

Full Site Isolation will be enabled by default in Google Chrome 64.

Geneo said:

The only thing that can be done in BIOS to circumvent these vulnerabilities is to load new microcode. That can also be done through Windows Update. Windows can load microcode into the processor early in the boot process.

I imagine Wintel will do this for the general public - provide new critical microcode, if there is any, through Windows update.

Interesting. The contacts I did earlier today hinted at that I specifically needed a BIOS update to update the microcode, but these support lines probably doesn't have all the information available yet. If this is true then it's good news indeed.

Hi,

Faith said:

I mean the chipset and ME driver primarily, if they are vulnerable that is. But it doesn't matter because I contacted both Intel and MSI this morning and both told me that a "microcode" update is required to be "fully" secured, so a BIOS update is indeed needed on top of the KB update from Microsoft. This creates a very concerned future because updating the BIOS aren't something normal PC users do often, or at all. I can also see that not even half of the PC's I use have gotten a BIOS update through the board manufacturer. And OEM's that's more than 5 years old probably won't even get a BIOS update.

Drivers for chipsets and MEI are not what these security issues are about. It's the firmware that is.
A micro code update is not a BIOS/UEFI update it's a CPU update.

Cheers,