Windows Client Guidance against speculative execution vulnerabilities
-
Hi all. I have a few questions. I ran the powershell script in admin mode like described in Brink's post and it outputted this:
So if I'm understanding this correctly I need to get a bios update from the computer manufacturer - in this case HP? I see they are not offering anything yet to anyone.
Also, now that I have ran this script and installed something called nuget (sounds a little like the android OS), do i have to undo anything?
Am i good to go other than needing to get a bios/firmware/microcode update to completely patch it up from HP and then run script again to make sure all is well?
Finally, there was no mention of "nuget" being necessary for this in the first post by Brink. Maybe this should be added to that first post unless I missed it? At least that it will ask for it and then offer a yes or no to accept or not?
-
-
Finally, there was no mention of "nuget" being necessary for this in the first post by Brink. Maybe this should be added to that first post unless I missed it? At least that it will ask for it and then offer a yes or no to accept or not?
Added.
-
Hi,
So if I'm understanding this correctly I need to get a bios update from the computer manufacturer - in this case HP? I see they are not offering anything yet to anyone.
Most of Intel's partner OEM's have not offered anything yet and Intel themselves haven't updated the microcodes for their CPU's yet either.
Rumour has it microcode updates won't cut it either but we'll see what shows up.
Also, now that I have ran this script and installed something called nuget (sounds a little like the android OS), do i have to undo anything?
Nope
Am i good to go other than needing to get a bios/firmware/microcode update to completely patch it up from HP and then run script again to make sure all is well?
Yes.
Cheers,
-
That is the exact way that mine looks.
Mine too. And I am not expecting a fix any time soon. I'd rather wait instead of having some BIOS update which will brick my PC.
-
-
Hi,
I'd rather wait instead of having some BIOS update which will brick my PC.
Why would it brick your pc ?
Most modern bios/uefi system allow you to recover it and you can always reflash it with a version available from the OEM.
Cheers,
-
KBird:
The Surface Pro 3 is an Atom-based architecture which is waaay different from the ULV i3/i5/i7 they used on the Pro models of the same vintage. I don't know enough about that architecture to know if it is subject to the Intel flaws, and the "Surface 3 help" page says zilch about those vulnerabilities. The "Surface 3 update history" page shows the most current item as Sept. 27, 2016, so my guess is that MS is not supporting this machine any more. I remembered something grisly on this front, and sure enough, here's a despressing little item from Engadget whose title says it all "Microsoft: No more Windows 10 upgrades for some Atom-based PCs."
But even though the Surface 3 has a Cherry Trail rather than a Clover Trail CPU model, I see no signs that MS is doing much with updates for that platform, if anything at all. Ouch!
--Ed--
Last edited by EdTittel; 09 Jan 2018 at 15:36.
Reason: Add missing link
-
Added.
The non technical can also use the file in Post #104 assuming the .Net Framework is up to date
more info in posts #107 and #109
-
Hi,
Why would it brick your pc ?
Most modern bios/uefi system allow you to recover it and you can always reflash it with a version available from the OEM.
Cheers,
What I meant is that BIOS update is something that has to be done very carefully. Any step wrongly executed can wreak havoc on one's PC. Under the present circumstances, I don't want Intel or any other OEM for that matter to pull out something in a hasty manner. By the way, I have never flashed my BIOS, but read about it. Just the thought of it gives me the chills. :)
-
Yeah it’s not a great prospect. I managed to do mine for the first time at the weekend but it was hard work. I lost about 300 marks in firestrike as a result and the prospect of losing more on what was an ultra expensive gaming rig is pretty unpalatable.
I struggle to believe intel and MS are expecting the wider user base to do BIOS/firmware updates. Most people don’t even know a BIOS exists. Hackers will prob realise this and exploit the fact that a high percentage of systems will never get patched via BIOS/firmware. They have to find a solution that revolves solely around windows update.
Last edited by Scottyboy99; 10 Jan 2018 at 02:49.
-
-
Hi,
What I meant is that BIOS update is something that has to be done very carefully. Any step wrongly executed can wreak havoc on one's PC. Under the present circumstances, I don't want Intel or any other OEM for that matter to pull out something in a hasty manner. By the way, I have never flashed my BIOS, but read about it. Just the thought of it gives me the chills. :)
Don't worry about it, done that hundreds of times. The main thing that can have it go south is a sudden power outage or "unthoughtful" user interference.
In almost all cases the machine can be revived by reflashing its bios/uefi or like I mentioned, recovery through jumper settings on the mainboard or whatever the OEM has come up with though.
But frankly, I've never had it go wrong. Not even in the 30 years I'm into PC's.
Cheers,