Windows 10: Windows Client Guidance against speculative execution vulnerabilities

Page 52 of 74 FirstFirst ... 242505152535462 ... LastLast
  1.    28 Mar 2018 #510

    IronZorg89 said: View Post
    I am not very familiar with BIOS/UEFI firmware upgrade, but I was wondering if restoring the machine from a previous system image backup would not do the trick. To be honest, I don't know the answer and would like someone more knowledgeable with this kind of issue to chime in.
    BIOS/UEFI i OS are separate things, first one is just firmware in a chip.
      My ComputersSystem Spec

  2.    28 Mar 2018 #511

    CountMike said: View Post
    BIOS/UEFI i OS are separate things, first one is just firmware in a chip.
    Thanks for taking the time to answer. That's why I asked since it is a chip on the motherboard, I figured out that maybe a restore from a previous system image backup won't have any impact.
      My ComputerSystem Spec

  3.    28 Mar 2018 #512

    IronZorg89 said: View Post
    Thanks for taking the time to answer. That's why I asked since it is a chip on the motherboard, I figured out that maybe a restore from a previous system image backup won't have any impact.
    No way, restore OS won't change the BIOS.
      My ComputersSystem Spec

  4.    28 Mar 2018 #513

    CountMike said: View Post
    No way, restore OS won't change the BIOS.
    That's what I understood. Thanks again!!
      My ComputerSystem Spec


  5. Posts : 442
    Windows 10 Pro x64
       28 Mar 2018 #514

    As already mentioned BIOS is a program on a chip and has nothing to do with Operating System (OS).
    You can install any OS, but the BIOS remains the same regardless of the OS installed (Windows/Linux etc). So accordingly any change to the OS (upgrade or rollback) will not affect the BIOS.
      My ComputerSystem Spec


  6. Posts : 534
    Windows 10 Home - Version 1803 - Build 17134.167
       28 Mar 2018 #515

    Yes I can definitely confirm that is true. The bios is separate from the OS and it must be flashed to the chip on the motherboard. There are of course techniques to rollback a bios and to downgrade a bios and these include keyboard key combination + power presses, using a recovery USB flash drive properly set up with the bios you wish to downgrade to to flash the bios, manually going into UEFI firmware settings and flashing a bios from there using a USB flash drive with the individual and correct bin bios image file in HP's case (or simply rolling back there with the rollback option), or it the bios software allows it, directly through Windows which will initiate a restart to flash it.

    But this can only take place successfully if the bios in place will allow it - if it is not locked. In my case, it was locked which took me a while to confirm and the only option available is to reinstall the same bios. No rollback or downgrade allowed. Which I think is ridiculous because if you have a serious problem, one that is not resolved by reinstalling the same problematic bios, you are stuck with it until who knows how long. I think one should always be allowed to rollback/downgrade a bios in the event there are serious problems including security update bios. I guess this is done for security/liability reasons I don't know.

    Anyway, I have a new laptop now and all is good. If a new bios is released for the old laptop I'll pull the old one out of the closet and see if it fixes it. I am happy with the new laptop which is better than my old one so its not all bad.
    Last edited by tomseys; 28 Mar 2018 at 14:02.
      My ComputerSystem Spec

  7.    28 Mar 2018 #516

    ddelo said: View Post
    As already mentioned BIOS is a program on a chip and has nothing to do with Operating System (OS).
    You can install any OS, but the BIOS remains the same regardless of the OS installed (Windows/Linux etc). So accordingly any change to the OS (upgrade or rollback) will not affect the BIOS.
    When one thinks about it, that makes complete sense. I didn't give it much thought. A system image erases everything on the hard disk drive and replaces it with everything taken at the time of the backup. The firmware located in the chip on the motherboard is not affected. Thank you as well for chiming in.
      My ComputerSystem Spec

  8.    28 Mar 2018 #517

    IronZorg89 said: View Post
    When one thinks about it, that makes complete sense. I didn't give it much thought. A system image erases everything on the hard disk drive and replaces it with everything taken at the time of the backup. The firmware located in the chip on the motherboard is not affected. Thank you as well for chiming in.
    Maybe that UEFI partition on the disk confused you thinking it's on the disk ?
      My ComputersSystem Spec

  9.    28 Mar 2018 #518

    tomseys said: View Post
    But this can only take place successfully if the bios in place will allow it - if it is not locked. In my case, it was locked and the only option is to reinstall the same bios. No rollback or downgrade allowed. Which I think is ridiculous because if you have a serious problem, one that is not resolved by reinstalling the same problematic bios, you are stuck with it until who knows how long. I think one should always be allowed to rollback/downgrade in the event there are serious problems. I guess this is done for security/liability reasons I don't know.
    That's why I am always reluctant to flash/upgrade the BIOS/UEFI in case things like that happen. I totally agree with you that there ought to be a way to roll back, but your explanations about the way to do it are scary enough that if anything goes awry, things can get even worse and brick one's PC.
      My ComputerSystem Spec


  10. Posts : 534
    Windows 10 Home - Version 1803 - Build 17134.167
       28 Mar 2018 #519

    IronZorg89 said: View Post
    That's why I am always reluctant to flash/upgrade the BIOS/UEFI in case things like that happen. I totally agree with you that there ought to be a way to roll back, but your explanations about the way to do it are scary enough that if anything goes awry, things can get even worse and brick one's PC.
    To be honest, I had no problems accessing and flashing the bios in all the ways I described unless I tried to downgrade or rollback. It simply refused to do it saying file not available. I reinstalled the bios probably 10-15 times with no issues using different ways but the problem is it is the same bios - I needed an earlier one (which I of course prepared w/USB flash drive or tried to using rollback procedure) when the computer worked fine to see if the bios is at fault which seemed very likely.

    I later learned from a couple of people at HP that they lock most bios and especially anything that has a security fix. I learned this as I was learning this the hard way. I imagine if you get really unlucky, a power outage or something like that while you are flashing or some other event, or if you use the wrong bios etc you can brick it but even in those cases you can sometimes restore it but it's technical as hell. I usually don't touch the bios unless there is a good reason to. I feel pretty bios-traumatized now, and I don't think I'm ever going to touch a bios again. Though perhaps if I had a rollback guarantee i would explore it but still I'm not sure If I'd do it. No, I don't think so.

    I imagine that the average person who uses their computer for facebook and email is not going to be upgrading/flashing their bios so I'm thinking M and others have to come up with ways to protect computers from Spectre and other developing threats that does not involve manually flashing the bios. I thought I read that they could push microcode through WU that could update firmware on their own machines making bios updates unnecessary and that this may be possible for everyone... maybe I misunderstood that..I'll keep an eye out for these kind of developments.
    Last edited by tomseys; 28 Mar 2018 at 14:03.
      My ComputerSystem Spec


 
Page 52 of 74 FirstFirst ... 242505152535462 ... LastLast

Related Threads
The PowerShell script execution policies enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer. Windows PowerShell has four different execution policies: Execution Policy Description ...
Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
Source: Google Online Security Blog: Disclosing vulnerabilities to protect users
Windows 10 - Need some guidance on recovery in Installation and Upgrade
One of my spare Windows 10 machines is on life support. I must have clobbered it somehow when I was tweaking the multiple display settings ( to incorporate a HDMI projector). It actually worked fine all week, but today, when I tired to set it...
Read more: http://www.zdnet.com/article/microsoft-offers-it-guidance-to-prepare-for-windows-as-a-service/
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:09.
Find Us