Major flaw in millions of Intel chips -- (Spectre & Meltdown)

Corrine · January 14, 2018, 12:54:40 AM

Intel Security Issue Update: Addressing Reboot Issues

QuoteWe have received reports from a few customers of higher system reboots after applying firmware updates. Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center. We are working quickly with these customers to understand, diagnose and address this reboot issue. If this requires a revised firmware update from Intel, we will distribute that update through the normal channels. We are also working directly with data center customers to discuss the issue.

End-users should continue to apply updates recommended by their system and operating system providers.

satrow · January 14, 2018, 09:23:06 AM

Is that longhand for: "We're trying to fix broken corporate computers so End-users please continue to test the buggy patches for us."?

Corrine · January 15, 2018, 02:33:48 PM

List of Links: BIOS Updates for the Meltdown and Spectre Patches:

QuoteAs Intel, AMD, and other CPU manufacturers have started releasing CPU microcode (firmware) updates for processor models affected by the Meltdown and Spectre patches, those updates are trickling down to OEMs and motherboard vendors, who are now integrating these patches into BIOS/UEFI updates for affected PCs.

While not all vendors have patches available for vulnerable products right away, most have promised updates in the following months.

Bleeping Computer will be updating the list as more information becomes available.

winchester73 · January 15, 2018, 02:47:06 PM

Quote from: ky331 on January 11, 2018, 11:30:46 PM
Lenovo pulled SOME --- but not ALL --- of their recently released BIOS updates. Apparently your T440s update was "safe", and not pulled. So you indeed have the newest, safe BIOS update which protects you from Spectre.

... and now it's been withdrawn: https://support.lenovo.com/us/en/solutions/len-18282

I wonder if it is worth trying to roll back the BIOS to 2.44.1.13, the 'new' update is targeted for the end of March. I may lose my sanity by then if the BSODs continue another two months :(

winchester73 · January 15, 2018, 04:40:33 PM

UNCLE :o

Just got a BSOD: SYSTEM_SERVICE_EXCEPTION fltmgr.sys

Went into the BIOS setup menu, disabled Secure Rollback Prevention, downgraded to 2.44 ... hopefully that will stop the madness.

---------------------------------------------------------------------------------------------------

Edit: Even though 2.46 was pulled, System Update just now shows it as a critical update

NO, I'm not going to run it and see if it actually installs ;)

winchester73 · January 15, 2018, 06:19:42 PM

Someone brighter than me will have to explain why this system is 'protected' even though I downgraded the BIOS:

Corrine · January 16, 2018, 01:48:42 PM

Included in CPU vulnerabilities exploited by Meltdown and Spectre and updated as additional information becomes available are 210 vendor security advisories; computer emergency, incident, and security response team reports issued from around the world and more by Aryeh Goretsky.

plodr · January 16, 2018, 02:00:47 PM

FINALLY, a small, no install tool I can run from Steve Gibson.
https://www.grc.com/inspectre.htm

ky331 · January 16, 2018, 02:16:56 PM

For what it's worth, McAfee Endpoint Security (at work) is intercepting Steve Gibson's InSpecture, alleging it is Trojan Artemis... so I can't test it here.

(I take for granted this is a false-positive.)

Corrine · January 16, 2018, 02:28:54 PM

Strange. Windows Defender Smart Screen labeled it as unsafe on my desktop but not on my laptop.

Edit note: Need more coffee. I was using Microsoft Edge on the desktop. No problem with Pale Moon.

winchester73 · January 16, 2018, 02:44:45 PM

No problem with Firefox, saved to desktop and ran it from there.

ky331 · January 16, 2018, 03:00:06 PM

Not surprised about SmartScreen (in IE/Edge)... it's notorious for intercepting new/"unknown" programs.

Corrine · January 16, 2018, 03:14:13 PM

So, my question is this: Since I have two very, very old Intel processors that HP is not likely to provide updates for but both devices are NOT vulnerable to Meltdown but are vulnerable to Spectre, why would I want to disable Meltdown protection via Gibson's tool? Sure, improved performance (although not much for these old devices) but at the cost of security?

MikeW · January 16, 2018, 03:21:18 PM

Quote from: Corrine on January 16, 2018, 03:14:13 PM
So, my question is this: Since I have two very, very old Intel processors that HP is not likely to provide updates for but both devices are NOT vulnerable to Meltdown but are vulnerable to Spectre, why would I want to disable Meltdown protection via Gibson's tool? Sure, improved performance (although not much for these old devices) but at the cost of security?

I got a similar report, saying performance was impacted and I should disable protection. I have not seen any performance degradation. Will leave it as is. With a question mark over this tools worth.

Pete! · January 16, 2018, 03:29:06 PM

I didn't get the impression that I was being told to disable protection, but that I was being given the option.

For instance, a high end gamer might be willing to take a chance to get back some speed that I didn't even notice was lost.