Over 1 million tech questions and answers.

BIOS updates for Meltdown and Spectre

Q: BIOS updates for Meltdown and Spectre

Read other answers
RELEVANCY SCORE 200
Preferred Solution: BIOS updates for Meltdown and Spectre

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 104

BIOS updates for Meltdown and Spectre - any info on when they will be ready/released?

Read other answers
RELEVANCY SCORE 102.8

Will there be BIOS updates for the T410 to address the Meltdown and Spectre vulnerabilities?

A:T410 BIOS updates for Meltdown and Spectre

Good day and welcome to the community.Please watch this page: https://support.lenovo.com/us/en/solutions/len-18282 for developing information.
 
As this topic is being addressed in the Security forum: https://forums.lenovo.com/t5/Security-Malware/bd-p/Security_Malware please search and engage discussion there.
 
This thread is now locked to avoid duplication, which only splinters discussions.
Regards.

Read other 1 answers
RELEVANCY SCORE 102.8

Hello! I have a 3 year old Alienware 14. Does Dell plan on issuing BIOS updates to mitigate vulnerability to Meltdown and Spectre?

Read other answers
RELEVANCY SCORE 85.2

Earlier today i Decided to give  Lenovo uk Tech support a call,  i want to know if my  ideapad Z580 was possibly on the vulnerable list for Meltdown & Spectre? Only to my complete astonishment the guy i spoke with said he had never even heard of Meltdown & Spectre, and had no idea what i was even talking aboutuntil he looked it up, then he just said to me  i wouldn't worry about it i were you,  W T F Lenovo.  So does anyone on here know if the ideapad Z580 is affected at all, I can't see it listed anywhere.   

Read other answers
RELEVANCY SCORE 82.8

i'm told by various other forums and newsletters that along with the Microsoft update - installed yesterday - we also need a BIOS update (from manufacturers) with some kind of code from Intel, to fix the above flaws in our CPUs.
i searched the Toshiba downloads and updates page and the only BIOS updates are from 2012.
any news on Toshiba releasing a solution for this?

Read other answers
RELEVANCY SCORE 82

We are attempting to automate the BIOS upgrades to address CVE-2017-5715. This has been no problem thus far on our other Lenovo models that have released updates. However, with the X250 (both touch and non-touch) we receive the following error:   error 180 - bios part numbers do not match It actually does not matter what version of the BIOS we try to flash, lower or higher. The embedded controller will update through the automation but the BIOS will not. The weird thing is if you manually run WINUPTP64.exe it will update without issue. This is not a realistic solution with the number of devices we have. I will say that our X250s have an OEM only BIOS version installed which I suspect might be the issue?   1.19 1.19 (N10ET40W) 1.13 (N10HT14W) For factory use  

A:X250 And Spectre/Meltdown - Cannot Automate BIOS Update

I'll add that this BIOS version is on at least 435 of our X250s.

Read other 1 answers
RELEVANCY SCORE 82

As I know, Intel already published microcode updates for all Haswell CPU's, including mobile. At least, ASUS support confirmed, that BIOS of all MB for Haswell will be updated. Updated microcodes for Linux are already available. What about BIOS update for the Yoga 2 Pro with i7-4500U? Thank you in advance.

Read other answers
RELEVANCY SCORE 82

Will I need to update my IdeaCentre 71-25ISH motherboard's BIOS for Spectre vulnerabilities? I read here in the Reading Privileged Memory (https://support.lenovo.com/us/en/solutions/len-18282) with a Side Channel that Variant 2: Branch target injection (CVE-2017-5715)? Requires processor microcode updates  Requires operating system updatesVulnerable to Spectre attackSo does "Requires processor microcode updates" = motherboard BIOS update?  I see a line of infomation of stating Product: IdeaCentre 700Status: AffectedMinimum Version Required to Fix: FWKT86A  Link to Update:  http://support.lenovo.com/downloads/DS104868 Last Updated: 1/7/2018 I am posting here today because Monday Jan. 8 '18 I was told by Lenovo Support over the phone "there should be no need to update the motherboard BIOS". 

Read other answers
RELEVANCY SCORE 81.2

Is there an estimate of when the BIOS update for the YOGA 910-131 KV 80VF notebooks, to address the Meltdown and Spectre security vulnerabilities, will be available?  Will a notification be pushed out to users with 910s, or do I need to keep checking for availability myself?  Thanks.

Read other answers
RELEVANCY SCORE 80.4

Hello together, does anyone know why the T430s Type 2356 is missing on the BIOS Update list at the following page?https://support.lenovo.com/de/de/solutions/len-18282 So far, only 2352, 2353, 2354 and 2355 are listed an scheduled for february. Will there be an update for the 2356? Thanks in advanceRegards

Read other answers
RELEVANCY SCORE 78.4

I have 2 Lenovo products.  I am guessing the G50-45 is an IdeaPad and the Yoga 2Pro is a notebook.  They both look like laptops to me.  Thanks in advance for all help.(1)  How find my product in Intel ME 6.x/7.x/8.x/9.x/10.x/11/x,SPS 4.0, and TXE 3.0 I Cumulative Security Update (https://support.lenovo.com/us/en/product_security/len-17297)(2) How do I cross map G50-45 and Yoga 2Pro with the names under Product column in the list above to find out if there is fix or when a fix will be available?  Where should I look on my devices to find the matching name under the Product column?(3) How do I request that a fix be placed on Lenovo's update schedule?(4) Where may replacement compatible fixed bios chips for my specific devices be acquired should the existing chip be corrupted when upgrade be applied?(5) Instructions for cloning existing chip to revert back in the event of corrupting and upgrading existing chip to apply the fix (with precautions before the fix).

Read other answers
RELEVANCY SCORE 66.4

Hi I don't see my laptop B50-80 on the list in: Lenovo Security Advisory: LEN-18282 (https://support.lenovo.com/se/pl/solutions/len-18282)Why? Does it means that there won't be a upgrade for this laptop?

Read other answers
RELEVANCY SCORE 65.6

Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?
 

A:AppGuard + Spectre/Meltdown

As long as nothing with a code that tries to exploit meltdown/spectre runs on your system then you are protected. So if appguard or any anti exe, anti malware, antivius, srp, god himself stops the payload you are ptotected and if not you are not protected. Not going to go into details when it stops and when it doesn't because as a user you should already know that.
 

Read other 0 answers
RELEVANCY SCORE 65.6

Hello people- I just heard about the security flaw out there called Spectre or meltdown-- My problem is this-- I am working on an older computer running Windows VISTA- yes you heard right-- My computer has never given me ANY problems- and I stand by the old motto- if it aint broke dont fix it. My memory has 8 GB and it is an HP-Intel core 2 quad cpu 2.33 GHZ- service pack 2 windows vista home premium.
Because I am running Vista- I can no longer get chrome updates- and thus when I try to do the software patch for this new problem- That strict isolation site - is not there and thus I cannot enable it- do you really think this is a problem- or not?? Please advise
P.S. My passwords are extremely strong for all of my important sites-if that matters?
 

Read other answers
RELEVANCY SCORE 65.6

Hello everybody, there is an offical Lenovo Advisory for Meltdown & Spectre in Combination with Lenovo Products:https://support.lenovo.com/de/de/solutions/len-18282 But i can't find information about my Lenovo Y50-70. Does anybody has further information?Do we will see an upgrade for our devices? Thanks in advancedGreatings from GermanyDaniel K.

Read other answers
RELEVANCY SCORE 65.2

Hello. I am curious if the Flex 2 and 3 series are vulnerable to the Spectre/meltdown vulnerabilities. I came across a Lenovo article with all the models and did not see Flex 2 and 3. https://support.lenovo.com/us/en/solutions/len-18282

Read other answers
RELEVANCY SCORE 65.2

Hello everybody, there is an offical Lenovo Advisory for Meltdown & Spectre in Combination with Lenovo Products:https://support.lenovo.com/nl/en/solutions/len-18282 But i can't find information about my Lenovo G550. Does anybody has further information?Do we will see an upgrade for our devices?

Read other answers
RELEVANCY SCORE 65.2

Looking through the list of downloads for Spectre/Meltdown here: https://support.lenovo.com/us/en/product_security/len-17297I see nothing for the M715q. I assume it isn't safe from these issues is it? Will it be getting a fix anytime soon?

Read other answers
RELEVANCY SCORE 64.8

3 bios updates for my new notebook have been available over the past month of ownership.  All 3 updates failed at the end of the process with a message saying "c2-Error: Region is write-protected".  The latest one is SP78334 version F.10Ap1.  The good news is that the system still works after the failure without any boot.

Read other answers
RELEVANCY SCORE 64.4

Hello everyone, in 2013 I purchased the Lenovo Ideapad N581 and I am running the newest version of Windows 10 with an SSD. The speed is incredible and I want to keep this laptop for as long as possible.  But with the recent meltdown and spectre debacle, I don't know if I am safe. I heard that I have to update the Bios, but there is no support for Win10. What do I have to do to protect myself? Do I have to buya new laptop? Is an update of windows really enough?

Read other answers
RELEVANCY SCORE 64.4

I have noticed since I updated my system because of the Spectre and Meltdown bug that my SSD's are not getting the same speeds as they were. I downloaded AS SSD benchmark previously and had checked my SSD's and they normally had run at around 450 mbps and 550 mbps. I have 3 SSD's in my system and of course have them all set to AHCI in the BIOS. I downloaded and flashed the new BIOS from Gigabyte's page. The bios version is named F23f (Update Intel ME for security vulnerabilities). Also downloaded and installed the new Chipset driver with the info on the side that says:Intel Management Engine Interface
(Note) Please update the latest BIOS for ME Firmware before installing this driver.
Update Intel ME for security vulnerabilities
Installed the new patch from Microsoft to Windows 10 1709 version KB4054517. I now have been experiencing slower SSD speeds especially for the "Write" speeds. "Read" speeds seem to be the same, if not slightly slower. Is anyone else noticing this? Thanks.
 

Read other answers
RELEVANCY SCORE 64.4

hi friendsMy laptop is a z5070 modelThere is no update for the Meltdown Specter cavityMy Processor Series 4 is the exact name of the 4210uBut the bios has not yet been upgraded and also the processor is not .....Why Lenovo does not do anything!Did you forget this model?

Read other answers
RELEVANCY SCORE 64.4

hi friendsMy laptop is a z5070 modelThere is no update for the Meltdown Specter cavityMy Processor Series 4 is the exact name of the 4210uBut the bios has not yet been upgraded and also the processor is not .....Why Lenovo does not do anything!Did you forget this model?

Read other answers
RELEVANCY SCORE 64.4

I have been going crazy as I am sure others have been trying to get my computer patched.  I ran Powershell commnds to see if I am ok.  I found out it is incomplete without a patch from Lenovo.  It would be a mistake to not issue a patch as this would seem to be a betrayal of trust for those of us who bought Lenovo products. Please issue. Here is an explanation. The image means that your system received patches for the Meltdown bug, but has received incomplete patches for the Spectre bug.This was to be expected, as Google said yesterday that Spectre is harder to exploit, but also harder to patch.What the red text means is that you need additional chipset firmware updates. Microsoft and Google say that OEMs will need to provide users with these additional firmware updates to complete the Windows OS-level Spectre patches. Depending on your computer's age, some OEM might not make these firmware updates available, meaning you'll be stuck with an incomplete Spectre patch.If your laptop/desktop/server vendor has provided extra chipset firmware updates, you can get them from their official sites, install them, and complete the patch. 

Read other answers
RELEVANCY SCORE 64.4

Concerning CVE-2017-5753, CVE-2017-5715 (Specter), and CVE-2017-5754 (Meltdown), Microsoft have provided patches for Windows Server OS's as per the following link.
https://support.microsoft.com/en-us/help/4072698
Thanks Microsoft!
Unforutnately, what is not clear is - does this have to be installed and activated on the Hyper-V host AND all guests, or just the Hyper-V host or just the Hyper-V guests?
We are running 700+ VM's across approximately 30 Hyper-V 2012 R2 hosts.  If it's only necessary to update the hosts, that would be less work for us - and we can do it without downtime for the guests.

Read other answers
RELEVANCY SCORE 64.4

Is there a patch available yet?Meltdown and SpectreBugs in modern computers leak passwords and sensitive data. Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.

Read other answers
RELEVANCY SCORE 64.4

I can't apply Microsoft updates to address the Meltdown/Spectre vulnerabilities until there is an update to the BIOS software from Lenovo. I have reviewed the support page that lists models targeted for updates, and I don't see mine listed: https://support.lenovo.com/us/en/solutions/len-18282 This is my main personal laptop, which I use for a lot of important tasks. If I can't apply this critical security update then it's worthless to me. This is not a very old machine, I would expect there to be some acknowledgement of it on that support page, but as far as I can see only newer Yoga models are being targeted for firmware patches. Please advise whether Lenovo intends to address this issue on this model.

Read other answers
RELEVANCY SCORE 63.6

I've already seen something similar to this on here so apologies if it's a duplicate... BUT this one seems a bit easier to understand than the one I saw last week...
 

Read other answers
RELEVANCY SCORE 63.6

Have any patch for fix spectre / meltdown explicit ? 

A:Lenovo Ideapad 500-15isk meltdown/spectre patch

Good day and welcome to the community.Please monitor this page: https://support.lenovo.com/us/en/solutions/len-18282 for system-specific updates.
 
Hope this helps.Regards.

Read other 1 answers
RELEVANCY SCORE 63.6

where can i find the Windows 7 and 8.1 fixes for Meltdown and Spectre CPU flaws

Read other answers
RELEVANCY SCORE 63.6

Last update: 4th January 2018 @10.44pm GMT

CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre) Windows antivirus patch compatibility

 

Read other answers
RELEVANCY SCORE 63.6

HelloI would like to install the O2TJY45USA firmware update for my Ideacentre 510-15IKL. I am running Linux Mint on the desktop. I could find the Windows10 updater .EXE on the pcsupport.lenovo.com website  so far. Does anybody knows if there is a bootable .ISO that I could use without Windows. The updater .EXE provided in the download package is called wflash2.exe which indicates that it is designed for the use with Windows10 and not FreeDOS or alike. Many thanks for your help

Read other answers
RELEVANCY SCORE 62.8

This update will come out as a push if push updating is on, otherwise your next IPS upgrade will contain signatures to block both Spectre and Meltdown.

CPU.Speculative.Execution.Timing.Information.Disclosure | IPS
CPU.Speculative.Execution.Timing.Information.Disclosure
This indicates an attack attempt to exploit an Information Disclosure vulnerability in various systems.
The vulnerability is due to how CPUs can be tricked to leak information from the kernel and other user-mode process memory. A remote attacker can exploit this to gain access to sensitive information. This signature covers for both Spectre and Meltdown vulnerability.

All systems that have CPUs with speculative execution and multiple levels of instruction/data cache.

In addition, Fortigate Appliances are not impacted by Meltdown and/or Spectre. Fortinet products are designed to not permit arbitrary code execution in the user space.
 

A:Fortinet issues IPS Signature to block Meltdown and Spectre at the gateway.

My note;

Enter the device CLI and type: execute update-now
and meltdown/spectre IPS signature will be added immediately.
(for those with Fortinet appliances)
 

Read other 1 answers
RELEVANCY SCORE 62.8

Microsoft released a rare out-of-band security update to supported many versions of Windows. The software update is part of a number of fixes that will protect against a newly-discovered processor bug in Intel, AMD, and ARM chipsets. ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilitiesDubbed ?Meltdown? and ?Spectre,? the flaws affect nearly every device made in the past 20 years, and could allow attackers to use JavaScript code running in a browser to access memory in the attacker?s process. That memory content could contain key strokes, passwords, and other valuable information. More InfoFor consumers, to keep Windows up to date is the first step but is mandatory to install applicable Firmware (BIOS) update provided by OEM device manufacturer. 1) Microsoft has released the following patches for Windows 10:KB4056892 (OS Build 16299.192)KB4056891 (OS Build 15063.850)KB4056890 (OS Build 14393.2007)KB4056888 (OS Build 10586.1356)KB4056893 (OS Build 10240.17738)(*) Verifying that protections are enabled Verification using the PowerShell, Lenovo Yoga 2 Pro (20266 / 80AY), Patches Installed2) Then I would like to know when Lenovo Yoga 2 Pro (20266 / 80AY) is going to receive a microcode fix (Firmware Update) to address Spectre and Meltdown security risks?Currently it isn't even listed under Lenovo Security Advisory LEN-18282Please support your costumers with a proper Firmware. Best Regards,

Read other answers
RELEVANCY SCORE 62.8

After applying KB4056894 to my windows 7 laptop, visual studio 2010 stopped working, manifesting all sorts of subtle bugs which did not go away even after fully repairing Visual Studio 2010.  In addition, the import settings operation returns fourteen
errors consistently, also new with KB4056894.  I just restored from a Nov 2017 system image and now everything is stable and functional again.
I have now blocked all future windows 7 updates, which is fine with me.  These updates always consumed a lot of time and I'll be happy to go without them starting now.
I also have windows 10 installed on the same laptop which I stopped using several months ago, in favor of Windows 7 due to the latest Windows 10 being such a horrible operating system.  It's even worse than Windows 8.  Sorry to say this, but it's
true!
At least in windows 7 all control panel settings reside in one control panel! I believe that Microsoft has been working on the new metro/universal app for settings since 2011 starting in windows 8!  It's now 2018 and these settings are still split between
the UWP settings app and the desktop control panel.  I thought I took a lot of time to get things done, however Microsoft takes the cake when it comes to taking time to get things done.
If my tone seems to be a bit snotty, it is, but it is upsetting to hear talk of AI and Neural Networks when the CPU architecture and windows OS seems to have been neglected to such a great ext... Read more

Read other answers
RELEVANCY SCORE 62.4

Hi ,

As we know about the Spectre and meltdown Vulnerability, to mitigate these Vulnerability we need to apply the Windows OS patches.
i didn`t found any KB update released for the Server 2012, can anyone suggest when this will be released or share KB no if it already released.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

Shailendra Dev

Read other answers