New
#270
Some Spectre variants need uCode and OS to mitigate. The uCode I have is in the UEFI. It won't be changed unless software tries to patch it, in which case I hide the update. Plus then I know if the Cumulative causes an issue, it's not because of Spectre. Software can easily be altered (reconfigured) and MS are throwing the switch automatically.
If I used InSpectre or registry to turn it on and off, then MS could turn it back on. I can spot a uCode update in the installed updates easily if anything is downloaded other than the cumulative. If the cumulative tries to turn it back on, it can't because the uCode isn't there. Just call it prior experience of WU.
Yes Spectre is harder on performance than Meltdown. Plus I don't want to disable Meltdown and I won't if I don't mess with the OS.
Ah I see. I had seen discussion with you and other users talking about needing to hide updates because it was already patched at UEFI and I'm guessing making sure auto-update is off (pro only feature?) But then I thought I read that if the OS update recognizes that UEFI had been updated then it doesn't apply itself.
Yes, I think with pro users you can do this in settings but I yesterday had to dl that "wushowhide" tool because WU update kept insisting an Intel graphics driver from '16 was more applicable than the one from 2/18 I had just installed. I checked for updates (I do manually all the time I don't know why) and there it goes throwing the old one back on, laughing at me.
*Oddly, I saw an MS Silverlight update that was already hidden when I first opened the tool.
Yes, unfortunately I'm in the same boat as you, I have to use wushowhide.cab
Hiding KB4100347 blocks it for me. Not really sure of the wushowhide mechanism either, does it work on the description or the KB number? I'd have to assume the latter. All I know is HWiNFO shows me on 0x22 and that's what's in my UEFI so that's good enough for me.
You're welcome.
As for your above statement, I believe that since your BIOS/UEFI is not patched with the appropriate (according to intel) μcode and your CPU is identified as vulnerable, you need to make the registry entries, to be able to receive the Microsoft updates with the mitigations.
After all that's why the Microsoft updates exist. To cover your a**, while waiting for a BIOS/UEFI update.