Originally posted by garegin
View Post
Literally the BIOS is software but no they are not the same because the timing is different. If you are booting from the network then if the microcode updates are in the boot firmware you will be protected before interacting with the network.
Also if the microcode is in firmware then you are protected even if you boot an OS image that lacks the firmware update.
In Linux, microcode updates are loaded by the kernel early in the boot process, in the initrd, long before networking is started unless you are booting from the network.
In Windows, I assume it is also loaded very early so it can amend errata that could prevent the Kernel from correctly booting... that would be a design goal.
Comment