Yes but it then should also be available from the OEM website either as a bios/efi flash or as an Intel ME flash IMHO.
I just checked with my OEM and flashes for cpu microcode will be available for three of my machines starting from cw 05. Good to know.
MS has already done what it is supposed to do. That part is safe now. But it's the hardware that still requires patching for the majority of us endusers.
Cheers,
That explains why I have a mixed result after running the Spectre Meltdown CPU checker (my post #216). I am green (check) for Meltdown and red (check) for Spectre. As we all know, the latter is more concerned with all Intel CPUs while Meltdown goes for the others. So far, HP doesn't seem to be in a hurry to release a BIOS/UEFI firmware update. At least, in your case, you have some information about when you will probably receive a fix from your OEM. That is not the case for HP support site, unless I don't know where to look..
"MS has already done what it is supposed to do. That part is safe now. But it's the hardware that still requires patching for the majority of us endusers"
It's a fact that MS has already done its part. That's the point, if the OEM of one's PC hasn't released any update with respect to that issue, the next MS's Security update might not be able to install as we are witnessing with the last out-of-band patch KB4056892. Some users are still having difficulty in installing this update. :)
As we all know, the latter is more concerned with all Intel CPUs while Meltdown goes for the others.
Not quite @IronZorg89. Both affect most CPU manufacturers and OS's.
Meltdown got its name because it "melts" security boundaries normally enforced by hardware. By exploiting Meltdown, an attacker can use a program running on a machine to gain access to data from all over that machine that the program shouldn't normally be able to see, including data belonging to other programs and data that only administrators should have access to. Meltdown doesn't require too much knowledge of how the program the attacker hijacks works, but it only works with specific kinds of Intel chips. This is a pretty severe problem but fixes are being rolled out.
By exploiting the Spectre variants, an attacker can make a program reveal some of its own data that should have been kept secret. It requires more intimate knowledge of the victim program's inner workings, and doesn't allow access to other programs' data, but will also work on just about any computer chip out there. Spectre's name comes from speculative execution but also derives from the fact that it will be much trickier to stop — while patches are starting to become available, other attacks in the same family will no doubt be discovered. That's the other reason for the name: Spectre will be haunting us for some time.
That is not the case for HP support site, unless I don't know where to look..
HP being an Intel partner just like Fujitsu I think they have publicized a schedule of the planned releases and the affected products.
Mind you, I had to search for it as well. I think your best start is Intel's website where they discuss Spectre and Meltdown and cite a list of their partners with links to the respective website pages.
I'll see if I can find something useful for you and our other HP users.
Computer Type: PC/Desktop System Manufacturer/Model Number: Fujitsu B3417B2 OS: Windows 10 Pro X64 CPU: Intel I7 7700K Motherboard: D-3417B2 Memory: 32Gb Graphics Card: Intel HD 530 + Palit GeForce GTX1050 Ti KALMX 2Gb Sound Card: Realtek Chip Monitor(s) Displays: Samsung UJ59-U32 32 inch monitor. Screen Resolution: 3840x2160@60Hz. Keyboard: Microsoft 600 Mouse: Microsoft 3 button wired optical mouse. PSU: 650W. Case: Fractal Design R4 Cooling: Alpenfoehn Atlas 3 Ventilators on cooler. Hard Drives: Intel P900 U2 280Gib. Internet Speed: 35/10 Browser: IE11 Antivirus: MS Defender
Computer Type: PC/Desktop System Manufacturer/Model Number: Home made OS: Windows 10 Pro X64 CPU: Intel I9 9900KS Motherboard: Asus WS Z390 Pro. Memory: 64 Gb DDR4-2666 Graphics Card: Intel HD 630 Sound Card: Realtel ACL Monitor(s) Displays: Fujitsu L27T-1 LED DVI +Samsung 32" Screen Resolution: 1920 x 1080 and 3840x2160@60Hz Keyboard: MS 600 Mouse: Microsoft 3 button optical mouse. PSU: 850W Be Quiet. Case: Fractal Design R6 USB-C Black. Cooling: Alpenfoehn Olymp + 3 fans on cooler. Hard Drives: 2 x Samsung 970Pro M2 500Gib in Raid 0 mode
2 x Intel P900 280Gib in Raid 0 mode
2x Toschiba SATA 500Gib in Raid 0 mode Internet Speed: 65/10 Browser: IE + Edge Chrome Antivirus: MS Defender Other Info: Next build will be a 2066 socket one. Speed is addictive, right ?
tried to call MSI today they appear to be closed for the holiday , since when does a business close for MLK day thats a new one, i new schools and stuff closed but all my local business are open.
Computer Type: Laptop System Manufacturer/Model Number: hp 15-cw1068wm OS: win 10 pro x64 os build 20H2 CPU: AMD Ryzen 5 3500U Motherboard: HP Memory: 16 gigs Graphics Card: AMD Radeon Vega 8 (Picasso) Sound Card: bang and olufsen built in Monitor(s) Displays: built in system Screen Resolution: full HD Keyboard: laptop Mouse: steelseries Rival/ and touch pad PSU: HP power supply/battery Case: laptop Cooling: Fans Hard Drives: 500 gb SSD and secondary 1TB hard drive, also two I TB hard drives Via USB 3.0 docking station self powered. Internet Speed: Unknown Browser: Google chrome Antivirus: windows security center/ malwarebytes pro
Computer Type: PC/Desktop System Manufacturer/Model Number: Fujitsu B3417B2 OS: Windows 10 Pro X64 CPU: Intel I7 7700K Motherboard: D-3417B2 Memory: 32Gb Graphics Card: Intel HD 530 + Palit GeForce GTX1050 Ti KALMX 2Gb Sound Card: Realtek Chip Monitor(s) Displays: Samsung UJ59-U32 32 inch monitor. Screen Resolution: 3840x2160@60Hz. Keyboard: Microsoft 600 Mouse: Microsoft 3 button wired optical mouse. PSU: 650W. Case: Fractal Design R4 Cooling: Alpenfoehn Atlas 3 Ventilators on cooler. Hard Drives: Intel P900 U2 280Gib. Internet Speed: 35/10 Browser: IE11 Antivirus: MS Defender
Computer Type: PC/Desktop System Manufacturer/Model Number: Home made OS: Windows 10 Pro X64 CPU: Intel I9 9900KS Motherboard: Asus WS Z390 Pro. Memory: 64 Gb DDR4-2666 Graphics Card: Intel HD 630 Sound Card: Realtel ACL Monitor(s) Displays: Fujitsu L27T-1 LED DVI +Samsung 32" Screen Resolution: 1920 x 1080 and 3840x2160@60Hz Keyboard: MS 600 Mouse: Microsoft 3 button optical mouse. PSU: 850W Be Quiet. Case: Fractal Design R6 USB-C Black. Cooling: Alpenfoehn Olymp + 3 fans on cooler. Hard Drives: 2 x Samsung 970Pro M2 500Gib in Raid 0 mode
2 x Intel P900 280Gib in Raid 0 mode
2x Toschiba SATA 500Gib in Raid 0 mode Internet Speed: 65/10 Browser: IE + Edge Chrome Antivirus: MS Defender Other Info: Next build will be a 2066 socket one. Speed is addictive, right ?
Thanks so much for all the help and information you are providing. I am a bit sorry for my ignorance on certain aspects of the issue at hand. When I look at it, in my case, I only need a BIOS/UEFI update from HP and so far I don't think they have released one yet. I am going to do a more in-depth review of all your references (above) and post back later on..
Thanks again! :)
Computer Type: PC/Desktop System Manufacturer/Model Number: Fujitsu B3417B2 OS: Windows 10 Pro X64 CPU: Intel I7 7700K Motherboard: D-3417B2 Memory: 32Gb Graphics Card: Intel HD 530 + Palit GeForce GTX1050 Ti KALMX 2Gb Sound Card: Realtek Chip Monitor(s) Displays: Samsung UJ59-U32 32 inch monitor. Screen Resolution: 3840x2160@60Hz. Keyboard: Microsoft 600 Mouse: Microsoft 3 button wired optical mouse. PSU: 650W. Case: Fractal Design R4 Cooling: Alpenfoehn Atlas 3 Ventilators on cooler. Hard Drives: Intel P900 U2 280Gib. Internet Speed: 35/10 Browser: IE11 Antivirus: MS Defender
Computer Type: PC/Desktop System Manufacturer/Model Number: Home made OS: Windows 10 Pro X64 CPU: Intel I9 9900KS Motherboard: Asus WS Z390 Pro. Memory: 64 Gb DDR4-2666 Graphics Card: Intel HD 630 Sound Card: Realtel ACL Monitor(s) Displays: Fujitsu L27T-1 LED DVI +Samsung 32" Screen Resolution: 1920 x 1080 and 3840x2160@60Hz Keyboard: MS 600 Mouse: Microsoft 3 button optical mouse. PSU: 850W Be Quiet. Case: Fractal Design R6 USB-C Black. Cooling: Alpenfoehn Olymp + 3 fans on cooler. Hard Drives: 2 x Samsung 970Pro M2 500Gib in Raid 0 mode
2 x Intel P900 280Gib in Raid 0 mode
2x Toschiba SATA 500Gib in Raid 0 mode Internet Speed: 65/10 Browser: IE + Edge Chrome Antivirus: MS Defender Other Info: Next build will be a 2066 socket one. Speed is addictive, right ?
@dencal try running the SA 00086 tool in safe mode.
Surface Pro comes with BitLocker encryption enabled by default....so am protected.
To gain access to safe mode I would need to disable Bitlocker.
This is simple to do without a key, although it takes a while....access to computer can only be through Windows Hello.
The problem is when I wish to re-enable Bitlocker.....Would then need to create a key, and safeguard it, if lost would end up with a brick....at my age forgetfulness is commonplace.
Computer Type: PC/Desktop System Manufacturer/Model Number: Self Built OS: W10 Pro + W10 Preview CPU: i7 Hard Drives: Dual swop 2.5" SSD Hard Drive Rack. Internet Speed: 385mbs Other Info: Surface Pro 4 i7. +
MSI GE 70 i7 super raid 0 (3 drives)
Computer Type: Laptop System Manufacturer/Model Number: Surface Pro 4 i7 OS: W10 Pro
Surface Pro comes with BitLocker encryption enabled by default....so am protected.
To gain access to safe mode I would need to disable Bitlocker.
This is simple to do without a key, although it takes a while....access to computer can only be through Windows Hello.
The problem is when I wish to re-enable Bitlocker.....Would then need to create a key, and safeguard it, if lost would end up with a brick....at my age forgetfulness is commonplace.
An alternative would be, restart Windows, so the fast startup is no used, then as soon as you get to the desktop, before all background services, and 3rd party software is loaded, use the SA86 checker.
Computer Type: PC/Desktop System Manufacturer/Model Number: ۞ΞЖ†ԘΜΞ۞ OS: Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu CPU: Intel Core i9 9900K Motherboard: ASUS ROG Maximus X Hero Memory: 32 GB Quad Kit, G.Skill Trident Z RGB Series schwarz, DDR4-3866, 18-19-19-39-2T Graphics Card: ASUS GeForce RTX 3090 ROG Strix O24G, 24576 MB GDDR6X Sound Card: (1) HD Webcam C270 (2) NVIDIA High Definition Audio (3) Realtek High Definition Audio Monitor(s) Displays: BenQ BL2711U(4K) and a hp 27vx(1080p) Keyboard: Trust GTX THURA Mouse: Trust GTX 148 PSU: Corsair HX1000i High Performance ATX Power Supply 80+ Platinum Case: Phanteks Enthoo Pro TG Cooling: Thermaltake Floe Riing RGB TT Premium-Edition 360mm and 2x120 Phantek& Halo front, and 1x140 Phante Hard Drives: C: Samsung 960 EVO NVMe M.2 SSD
E: & O: Libraries & OneDrive-> Samsung 850 EVO 1TB
D: Hyper-V VM's -> Samsung PM951 Client M.2 512Gb SSD
G: System Images -> Samsung 860 Pro 2TB Internet Speed: 25+/5+ (+usually faster) Browser: Edge; Chrome Antivirus: Windows Defender of course & Malwarebytes Anti-Exploit as an added layer between browser & OS Other Info: Router: FRITZ!Box 7590 AX V2
Sound system: SHARP HT-SBW460 Dolby Atmos Soundbar
Webcam: Logitech BRIO ULTRA HD PRO WEBCAM 4K webcam with HDR
Computer Type: PC/Desktop System Manufacturer/Model Number: Hyper-V Virtual Machine OS: Windows 10 Insider Build - Fast Ring CPU: 8 Virtual Processors(8 threads) Motherboard: N/A Memory: 8192 MB - Dynamic Memory turned on Screen Resolution: Being a VM, it depends what size I need at a given moment;) Hard Drives: VM is on a separate internal SSD(Samsung 850 EVO SSD) Browser: Edge, chrome Antivirus: Defender Other Info: Secure Boot enabled,
All Integration Services are turned on,
Enhanced Session Mode selected
If anyone is having trouble running the Powershell script here's one more alternative (requires .NET 4.5).
If ran as administrator it also allows you to disable the windows patches.
As promised, I took a good look at your references and some of the notions about Spectre & Meltdown I already Knew. All in all, I have a better understanding of what is involved about those vulnerabilities. As mentioned in my post #225, there is not much I can do other than wait for a BIOS update or a firmware patch from HP.
Thanks again.
Read more:
Windows client guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
Protect your Windows devices against speculative execution side-channel attacks
ADV190013 | Microsoft Guidance to mitigate...
Source: Mitigating speculative execution side channel hardware vulnerabilities Defense
See also: Microsoft Announcing Speculative Execution Bounty Program Launch - Windows 10 Forums
Quote