Ok. I guess they show up as a regular windows update, because I never seen an update with a description that mentioned CPU updates, or anything of the sort (not including on-die GPUs)
Announcement
Collapse
No announcement yet.
Intel Posts Updated Microcode Files For Linux
Collapse
X
-
Originally posted by garegin View PostOk. I guess they show up as a regular windows update, because I never seen an update with a description that mentioned CPU updates, or anything of the sort (not including on-die GPUs)
This is how one appears in the windows update (note 100% boilerplate descriptions) https://www.microsoft.com/en-us/down....aspx?id=38964
And this is the knowledge base article that explains what it is (in a very general way, but at least now we know this is a microcode update package) https://support.microsoft.com/en-us/...windows-8-base
Afaik this is not easily possible anymore with Windows 10 since the fuckers at MS decreased significantly the amount of documented updates, so there is no real way of knowing what the hell is in many packages (without examining their contents anyway, it's just a compressed archive).
Which is pissing off sysadmins and prosumers alike. https://answers.microsoft.com/en-us/...a-9c60ef8cd821
- Likes 2
Comment
-
The purist is me, just hates the idea of loading and unloading patches over an OS. In 2018 BIOS updates should be as easy as restarting to BIOS, hitting update and connecting with your internet to DL it. Most OEM mobos can. HP elitedesks can too.
Comment
-
Originally posted by garegin View PostThe purist is me, just hates the idea of loading and unloading patches over an OS. In 2018 BIOS updates should be as easy as restarting to BIOS, hitting update and connecting with your internet to DL it. Most OEM mobos can. HP elitedesks can too.
Comment
-
Originally posted by paulpach View Post
There are 3 different vulnerabilities: Meltdown, Spectre variant 1 and Spectre variant 2. They are all related, but they are distinct separate bugs.
Meltdown only works on intel processors. It cannot be fixed via microcode. Instead there have been patches for linux, windows and macos to work around the bug. In linux the patch is KTPI, and it is the patch that has the worst performance impact on some workloads. With the patch the bug is still there, but the kernels stays out of reach so the bug cannot be used to read kernel data. Meltdown is by far the most severe bug, it is trivial to exploit, and serious consequences. Without the patches, any application can read anything in the kernel including secret keys.
Spectre v1 and v2 work Intel, ARM and AMD processors. They are much harder to exploit, but they are also much harder to work around. There are patches for gcc and kernel to mitigate these issues. These microcode appear to help mitigate the risk of Spectre v1 and v2, but do not help at all for Meltdown.
Comment
-
Originally posted by RealNC View PostIntel is only updating CPUs up to 5 years old. What about the millions and millions of users running Ivy Bridge and Sandy Bridge? Intel is just going to leave them vulnerable?
Comment
-
Originally posted by nanonyme View Post
Wait wait wait. Does this mean fixing Spectre is useless on Intel CPU's affected by Meltdown because you still can use Meltdown to read userland?
Comment
-
Originally posted by garegin View PostThe purist is me, just hates the idea of loading and unloading patches over an OS. In 2018 BIOS updates should be as easy as restarting to BIOS, hitting update and connecting with your internet to DL it. Most OEM mobos can. HP elitedesks can too.
Really, board firmware is unreliable, full of bugs, and it rarely receives updates beyond a few years of the device's release.
While having all stuff in the OS allows easy fixing and updating of any part that needs it.
Besides, microcodes are loaded by UEFI firmware using the same functionality used by the OS. The CPU has default microcodes in internal ROM memory (which allows it to power up and operate).Last edited by starshipeleven; 11 January 2018, 05:19 AM.
- Likes 2
Comment
-
Originally posted by carewolf View PostIntel doesnt support those chips anymore.Trying using any OpenGL application with those two CPUs in Windows 10... Not going to work because Intel has not updated their graphics drivers for windows 10 with those chips, so we are back to MS minimum which is OpenGL 1.1
- Likes 1
Comment
Comment