Windows Client Guidance against speculative execution vulnerabilities
-
Hi,
Exactly. But that also implies this is not the case for machines not made by MS.
Firmware updates that flash firmwares can often be run from within Windows but are either released through the OEM which get them in some cases form their Intel partnership or are written entirely in house.
Cheers,
I have never got one from Windows. My machine is NOT oem but my MOBO is MSI and as far as I know they are not going to update the BIOS as I said before.
-
-
Ahh, thanks Sloth - that shows that not only is the mechanism there, but it has been done before....
Yes but they are advising not to do it now.
-
I've been following this discussion with great interest. I do not want to provoke anyone, nor are my words targeting anyone. This post should not be taken as a reply to some other member. I am just expressing my sincere, somewhat fatalistic opinion based on this discussion as whole.
Whatever has happened, whatever is the culprit for these potential threats is in my opinion at the moment quite irrelevant and discussing about possible causes / culprits is in no way productive. The important thing is to accept it as a fact we cannot change, and do everything possible to follow instructions to protect our computers as well as possible, be sure BIOS / UEFI is up to date, and finally let Windows Update do what it deems important, install the offered updates.
That's my two Euro cents on this topic.
Kari
-
I've been following this discussion with great interest. I do not want to provoke anyone, nor are my words targeting anyone. This post should not be taken as a reply to some other member. I am just expressing my sincere, somewhat fatalistic opinion based on this discussion as whole.
Whatever has happened, whatever is the culprit for these potential threats is in my opinion at the moment quite irrelevant and discussing about possible causes / culprits is in no way productive. The important thing is to accept it as a fact we cannot change, and do everything possible to follow instructions to protect our computers as well as possible, be sure BIOS / UEFI is up to date, and finally let Windows Update do what it deems important, install the offered updates.
That's my two Euro cents on this topic.
Kari
That is what I am trying to do Kari, but if MSI will not update my BIOS, I am sort of out of luck so to speak.
-
-
![]()
I've been following this discussion with great interest. I do not want to provoke anyone, nor are my words targeting anyone. This post should not be taken as a reply to some other member. I am just expressing my sincere, somewhat fatalistic opinion based on this discussion as whole.
Whatever has happened, whatever is the culprit for these potential threats is in my opinion at the moment quite irrelevant and discussing about possible causes / culprits is in no way productive. The important thing is to accept it as a fact we cannot change, and do everything possible to follow instructions to protect our computers as well as possible, be sure BIOS / UEFI is up to date, and finally let Windows Update do what it deems important, install the offered updates.
That's my two Euro cents on this topic.
Kari
Agreed. The FUD is trying to ascribed blame for this - there is no blame to be ascribed here for the vulnerabilities themselves.
Anything else (responses to / lack of responses, badly-coded stop-gap measures, the not-so-very-innocuous sale of corporate stock) - yeah, all those can have fault attributed to them to any one person or group or corporation. But trying to hold anyone liable (not libel 
) for the vulnerabilities themselves is ludicrous at best, and, really, utterly ridiculous.
But Josey makes a point above me - I'm also in a similar situation - my CPU controller Chipset family, the X58, was developed over 10 years ago. It was first released later that same year.
I purchased my board in mid 2011, after lightning took out my then current machine, and being a Master's student with already 1 year of data for my thesis gathered, I needed to build something quickly. I'm still using that same motherboard, CPU and RAM (and case) as my daily driver, the one that runs Insider builds, and VMs (every other component is newer - except possibly the Blu-Ray burner - I honestly don't remember anymore).
The last BIOS released for that machine was released before I even bought it. On top of that, one of the team engineers at eVGA has specifically stated that this (and other older 'legacy' family boards are awaiting BIOS source code directly from Intel in order to issue an update). https://forums.evga.com/FindPost/2749683
Until that happens, I am pretty much .... out of luck. And others with legacy boards like this (and even much, much newer boards, I've already started hearing rumors of boards as new as 4 years old are being denied any new BIOS / UEFI updates) in pretty much the same boat, well, you can see how it's rather hard to take your advice at just face value and have everything patched - because, well, we really can't have everything patched.
So, it would truly be nice if Windows forced a microcode update via Windows Update to our machines because, at this point, Intel is probably not going to provide BIOS source code from 5 years ago, let alone 10....
-
![]()
I had to change my avatar to Meltdown.
A melting 8700K
original size
Attachment 174456
LOL! Hilarious!
Hi,
My machines run AMI UEFI and these can be updated in a number of ways:
From within the UFI menu itself through a connection to the ftp server, from within Windows desktop, over a network or by booting off a bootable external device connected to a USB port.
This works for MEI/AMT, UEFI/Bios updates, Raid ROM, TPM. Some flashing needs to restart the machine to finish the flashing in a pre-OS environment though. So, after POST but before loading the OS to be clear.
Cheers,
Yeah, I wish I had a UEFI-based machine - for one thing, it would be tons faster than what I have now....
Well, that's convenient. They've come a long way with flashing these days. Used to be fright night when it came to that.
Indeed. But my BIOS came out at a time when flashing from within Windows was already going around. My particular board never came with that feature, sadly - it was a matter of burn to CD , floppy / bootable USB drive and boot off of it to flash the BIOS onto the EEPROM.
But there was a utility that I could use to apply tweaks to the BIOS for overclocking purposes right from Windows without having to reboot into the BIOS Setup. That was something.
-
AFAIK microcode is not CPU specific...Skylake (and it's derivatives) is a problem though (not sure why --- the guys in the know are talking Assembly which is way before my time 
)
-
![]()
KB4078130:
could someone please give a simple guy (= not so tech savvy) like me some clarity about this security update which apparently (if I understand correctly) is not being issued as an automatic W10 update, and has to be downloaded separately (which I have already done, but not run it, because I am unsure if that is the correct thing to do for me = my computer = Intel i5 64)
On 5/01/2018 I received two W10 updates KB4058702 and KB4058032. One of these was the W10 update for the spectre problem.
Although my computer appeared to be slower/sluggish afterwards I noticed no other special problems. That is until yesterday!
Yesterday my computer seemed totally crazy. It started in the morning when using a music editing program. Suddenly the sound was so terribly distorted I could no longer use it. Then later things got worse with multiple problems: screen visual went = just the mouse indicator showing, computer freezing, had to keep using power button to shut down and restart. Checked for virus with Malwarebytes (paid) but that too froze, and kept getting warning web security had been switched off, Bitdefender (paid) also had some difficulties although quick scan found no virus, MS Word froze, computer seemed to be doing something like crazy, but I had no idea what as Task manager was also frozen, later as I watched a film, it kept running jerky….and and and….! W10 troubleshooter found no problem! Later in evening ran troubleshooter through “troubleshoot through W10 update”. This found 3 problems (forgot to copy so don’t know now what = one was not fixed).
But afterwards – and now – computer runs fine again!!!!!!
I have no idea what was going on …what was wrong?
1) So do I leave it like it is now? (= don’t fix what isn’t – at this moment – broken)
2) Run the KB4078130 (but will I get more – worse - problems?)
3) Wait and see = if computer goes crazy again = then run KB4078130?
Because I am a novice I tend to think (scared to make things worse): leave it and wait and see = but I am also worried to get a day like yesterday (maybe even worse), which was really bad and cost me almost the whole day.
So?
Thanks for any help or good advice = really appreciate it
-
Last edited by tomseys; 28 Jan 2018 at 06:26.
-
-
![]()
Malwarebytes becomes Malware
Malwarebytes becomes Malware
Wow – Thanks a lot tomseys, I didn’t know about that!
It certainly screwed my computer up real bad.
This is getting totally ridicules. Who or what to trust anymore? We are getting one hit after another. Intel and Co, MS often, now Malwarebytes…..
And the way they react to their really bad screw-ups is really frustrating = in fact downright disgusting!
From the Link you sent me tomseys: The best you get is:
“The root cause of the issue was a malformed protection update that the client couldn't process correctly. We have pushed upwards of 20,000 of these protection updates routinely. We pride ourselves on the safety and accuracy of our detection engines. To say I am heartbroken is an understatement."
“We test every single one before it goes out.” = Oh Yeah! Am I supposed to believe that after yesterday? I DON’T! If you call that testing before you send out = then I say: close down or get new workers who know what they are doing
And “To say I am heartbroken is an understatement” : = He is heartbroken = I am one of those suckers who had to deal with this ONE WHOLE DAY LONG = and he is heartbroken!!!
Like Intel = NO sorry or something worthwhile
BAD, REAL BAD! I am getting sick of these companies and their attitude and work standards. It’s all about money.
But many thanks tomseys for clearing that up for me. I really appreciate it. At least there are some people in the world you can rely on for good information because Malwarebytes would have just left me hanging!
How is a novice like me supposed to know that it is Malwarebytes causing the problems – there has to be better ways than this!!
And they certainly have to start doing way better than this!!
(but what about this W10 spectre removal update = I should not do it then??)
Quote
