Over 1 million tech questions and answers.

BIOS updates for Meltdown and Spectre

Q: BIOS updates for Meltdown and Spectre

BIOS updates for Meltdown and Spectre - any info on when they will be ready/released?

Read other answers
RELEVANCY SCORE 200
Preferred Solution: BIOS updates for Meltdown and Spectre

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 101.6

Hello! I have a 3 year old Alienware 14. Does Dell plan on issuing BIOS updates to mitigate vulnerability to Meltdown and Spectre?

Read other answers
RELEVANCY SCORE 101.6

Will there be BIOS updates for the T410 to address the Meltdown and Spectre vulnerabilities?

A:T410 BIOS updates for Meltdown and Spectre

Good day and welcome to the community.Please watch this page: https://support.lenovo.com/us/en/solutions/len-18282 for developing information.
 
As this topic is being addressed in the Security forum: https://forums.lenovo.com/t5/Security-Malware/bd-p/Security_Malware please search and engage discussion there.
 
This thread is now locked to avoid duplication, which only splinters discussions.
Regards.

Read other 1 answers
RELEVANCY SCORE 83.6

Earlier today i Decided to give  Lenovo uk Tech support a call,  i want to know if my  ideapad Z580 was possibly on the vulnerable list for Meltdown & Spectre? Only to my complete astonishment the guy i spoke with said he had never even heard of Meltdown & Spectre, and had no idea what i was even talking aboutuntil he looked it up, then he just said to me  i wouldn't worry about it i were you,  W T F Lenovo.  So does anyone on here know if the ideapad Z580 is affected at all, I can't see it listed anywhere.   

Read other answers
RELEVANCY SCORE 82.4

Recently bought a new msi gt62vr 7re gaming laptop and I'm quite terrified about the news...What should I do?Should I even worry?
 

 
MSI has just released a new BIOS today with:

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; ;; ;; MSI BIOS Release Notes ;; ;; ;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
Model : MS-16L2 (KBL)
MKT Name : GT62VR 7RD / GT62VR 7RE ;****************************************************************************; New BIOS : E16L2IMS.30C
ROM CheckSum : 2FCDH
Release Date : 2018/1/9
 
;--------------------------- Description ------------------------------------;
 
Update CPU microcode.
 
 

 

 
But I'm honestly quite scared of doing it after going through the instructions...What should I do?
 

 
 
Do you think I should even bother and risk updating the BIOS?I'm kind of thinking that the risk that I break something is higher than the risk that I get hacked with the Spectre vulnerability...I've never ever updated BIOS and I'm unable to take my laptop to any technician because of my disability.

A:Meltdown/Spectre BIOS update

MSI has a BIOS update (version E16L2IMS.30C) which addresses the recently discovered security flaw in Intel. ARM, and AMD processors.  This was released on 01/09/2018.  Is this the update you are considering?
 
How did you become aware of this update?
 
It was recently announced that Intel (and other manufacturers)  has a large security problem with their CPUs.  The BIOS update offered by MSI addresses this issue, Microsoft has released a update to address this as well.
 
Updating the BIOS (also known as flashing the BIOS) was fraught with potential problems which left enthusiasts wary of updating.  It had become the accepted norm not to update the BIOS unless there was a hardware change which required a BIOS update to resolve the issue.  But as you have read above there are now more important reasons to update the BIOS.  It is easier to do now, but you need to have a firm understanding of the steps involved in the process.  Have you read through the instructions in the manual for this computer?

Read other 20 answers
RELEVANCY SCORE 81.6

I have a homebuilt workstation using an Intel motherboard and an Intel Processor (Sandy Bridge Xeon and S1200BTL). Am I just...completely out of luck for updates to address Meltdown and Spectre because this didn't come from an OEM, or will Intel release updates for their own hardware?
 
Thanks folks

A:Meltdown/Spectre Firmware/Bios for Homebuilt PC

No, it will depend of the company that made your motherboard.
 
For example, I just had a look at ASUS, and they are releasing BIOS updates with microcode updates (released by Intel). https://www.asus.com/us/support/FAQ/1035291
But you could be out of luck, when your motherboard manufacturer doesn't release new BIOS updates.
 
Although your OS could also help. What OS do you run on your workstation, Windows or Linux?

Read other 1 answers
RELEVANCY SCORE 81.6

i'm told by various other forums and newsletters that along with the Microsoft update - installed yesterday - we also need a BIOS update (from manufacturers) with some kind of code from Intel, to fix the above flaws in our CPUs.
i searched the Toshiba downloads and updates page and the only BIOS updates are from 2012.
any news on Toshiba releasing a solution for this?

Read other answers
RELEVANCY SCORE 81.2

And where can one look to find out short of hunting throughout this site?

Read other answers
RELEVANCY SCORE 81.2

Microsoft continues to work diligently with our industry partners to address the Spectre and Meltdown hardware-based vulnerabilities. Our top priority is clear: Help protect the safety and security of our customers? devices and data. Today, I?d like to provide an update on some of that work, including Windows security update availability for additional devices, our role in helping distribute available Intel firmware (microcode), and progress driving anti-virus compatibility.

Additional steps being taken to address Spectre and Meltdown vulnerabilities
Windows devices need both software and firmware updates to help protect them against these new vulnerabilities. Recently we added software coverage for x86 editions of Windows 10, and we continue to work to provide updates for other supported versions of Windows. You can find more information and a table of updated Windows editions in our Windows customer guidance article. We will update this documentation when new mitigations become available.

While firmware (microcode) security updates are not yet broadly available, Intel recently announced that they have completed their validations and started to release microcode for newer CPU platforms. Today, Microsoft will make available Intel microcode updates, initially for some Skylake devices running the most broadly installed version of Windows 10 ? the Windows 10 Fall Creators Update ? through the Microsoft Update Catalog, KB4090007. We will offer additional microcode upd... Read more

Read other answers
RELEVANCY SCORE 80.4

We are attempting to automate the BIOS upgrades to address CVE-2017-5715. This has been no problem thus far on our other Lenovo models that have released updates. However, with the X250 (both touch and non-touch) we receive the following error:   error 180 - bios part numbers do not match It actually does not matter what version of the BIOS we try to flash, lower or higher. The embedded controller will update through the automation but the BIOS will not. The weird thing is if you manually run WINUPTP64.exe it will update without issue. This is not a realistic solution with the number of devices we have. I will say that our X250s have an OEM only BIOS version installed which I suspect might be the issue?   1.19 1.19 (N10ET40W) 1.13 (N10HT14W) For factory use  

A:X250 And Spectre/Meltdown - Cannot Automate BIOS Update

I'll add that this BIOS version is on at least 435 of our X250s.

Read other 1 answers
RELEVANCY SCORE 80.4

As I know, Intel already published microcode updates for all Haswell CPU's, including mobile. At least, ASUS support confirmed, that BIOS of all MB for Haswell will be updated. Updated microcodes for Linux are already available. What about BIOS update for the Yoga 2 Pro with i7-4500U? Thank you in advance.

Read other answers
RELEVANCY SCORE 80.4

Hello Lenovo team, We, the users of Y510P hereby request our laptops not be exclued from the security updates regarding Spectre/Meltdown. This is a serious issue and we need a serious support from your side.

Read other answers
RELEVANCY SCORE 80.4

It's almost 6 months now and lenovo has still not released a fix for the spectre/meltdown vulnarability. I paid good money for this laptop and with that, I expect good product support. Almost all the other laptops have received the patch, but Lenovo is taking too darn long. Dell has already released fixes for almost all of its laptops. At this point, I'm starting to regret my decision of buying this laptop. Either lenovo is severely understaffed or it simply does not care enough for its customers. Please don't tell me to watch the https://support.lenovo.com/us/en/solutions/LEN-18282 page because I check it everyday. This isn't the only area where lenovo has failed to provide adequate support for its products. They haven't updated their drivers in ages, thinking that their drivers are good enough. Well, as new Windows builds come along, there are more and more problems with the drivers as well, such as the display drivers. They need to update them. An update every 3-6 months would be greatly appreciated as well. Very bad after-sales support from lenovo. Feel free to reply/contradict my claims.....

Read other answers
RELEVANCY SCORE 80.4

Will I need to update my IdeaCentre 71-25ISH motherboard's BIOS for Spectre vulnerabilities? I read here in the Reading Privileged Memory (https://support.lenovo.com/us/en/solutions/len-18282) with a Side Channel that Variant 2: Branch target injection (CVE-2017-5715)? Requires processor microcode updates  Requires operating system updatesVulnerable to Spectre attackSo does "Requires processor microcode updates" = motherboard BIOS update?  I see a line of infomation of stating Product: IdeaCentre 700Status: AffectedMinimum Version Required to Fix: FWKT86A  Link to Update:  http://support.lenovo.com/downloads/DS104868 Last Updated: 1/7/2018 I am posting here today because Monday Jan. 8 '18 I was told by Lenovo Support over the phone "there should be no need to update the motherboard BIOS". 

Read other answers
RELEVANCY SCORE 79.6

Is there an estimate of when the BIOS update for the YOGA 910-131 KV 80VF notebooks, to address the Meltdown and Spectre security vulnerabilities, will be available?  Will a notification be pushed out to users with 910s, or do I need to keep checking for availability myself?  Thanks.

Read other answers
RELEVANCY SCORE 78.8

Hello all, when running the BIOS update utility with BIOS version GFET59WW from 3/13/2018 I get an error, that the firmware file does not fit the machine. Please support a valid BIOS update for Helix 3701. Thank you in advance! Best regards Gerrit 

Read other answers
RELEVANCY SCORE 78.8

Hello together, does anyone know why the T430s Type 2356 is missing on the BIOS Update list at the following page?https://support.lenovo.com/de/de/solutions/len-18282 So far, only 2352, 2353, 2354 and 2355 are listed an scheduled for february. Will there be an update for the 2356? Thanks in advanceRegards

Read other answers
RELEVANCY SCORE 78

Hi.

Just posting here because I have a Toshiba Satellite NB10t-A-101 and after running the checker tool available on the net regarding the machine vulnerability against Spectre and Meltdown, I am concerned by Spectre.

Here after a link to another thread where I arrived after a search.
https://forum.toshiba.eu/showthread.php?98147-BIOS-update-to-protect-against-Meltdown-and-Spectre
I include a link to a Toshiba page with some information on that critical subject.

Seems there is, as of today, no schedule date for my machine.

Read other answers
RELEVANCY SCORE 77.2

I have 2 Lenovo products.  I am guessing the G50-45 is an IdeaPad and the Yoga 2Pro is a notebook.  They both look like laptops to me.  Thanks in advance for all help.(1)  How find my product in Intel ME 6.x/7.x/8.x/9.x/10.x/11/x,SPS 4.0, and TXE 3.0 I Cumulative Security Update (https://support.lenovo.com/us/en/product_security/len-17297)(2) How do I cross map G50-45 and Yoga 2Pro with the names under Product column in the list above to find out if there is fix or when a fix will be available?  Where should I look on my devices to find the matching name under the Product column?(3) How do I request that a fix be placed on Lenovo's update schedule?(4) Where may replacement compatible fixed bios chips for my specific devices be acquired should the existing chip be corrupted when upgrade be applied?(5) Instructions for cloning existing chip to revert back in the event of corrupting and upgrading existing chip to apply the fix (with precautions before the fix).

Read other answers
RELEVANCY SCORE 71.6

Hi, On the list of BIOS update for Meltdown and Spectre, I can't find out the status of Lenovo M81 7517 and Lenovo M81 7517 B2U. Does it mean there is no impact for those 2 desktop? Thanks 

Read other answers
RELEVANCY SCORE 65.2

Hi I don't see my laptop B50-80 on the list in: Lenovo Security Advisory: LEN-18282 (https://support.lenovo.com/se/pl/solutions/len-18282)Why? Does it means that there won't be a upgrade for this laptop?

Read other answers
RELEVANCY SCORE 65.2

Has anyone write step by step procedure to patch this issues yet ??
Those already done,,a little sharing are appreciated !!

Regards
azls73
 

Read other answers
RELEVANCY SCORE 65.2

Hi i dont know a lot about computers or the workings but with the scare of meltdown and spectre can we not get a new mother board and proccessos fitted in our old pc or is it not worth the faffing about and cost or what is the chance of little old me getting hacked just surfing the net not going on naughty sights like porn ect thanks . ps just by a new pc
 

A:Spectre and Meltdown

Chances of you being infected, and/or your data compromised with malware exploiting meltown and spectre vulnerabilities, are close to none.
Keep your software updated and don't be click happy. Stay safe!
 

Read other 0 answers
RELEVANCY SCORE 64.8

3 bios updates for my new notebook have been available over the past month of ownership.  All 3 updates failed at the end of the process with a message saying "c2-Error: Region is write-protected".  The latest one is SP78334 version F.10Ap1.  The good news is that the system still works after the failure without any boot.

Read other answers
RELEVANCY SCORE 64.4

I have Windows 10 version 1709 (Fall Creators Update) on my home desktop PC. I have just updated with 2018-01 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4056892). 
 
I have read the excellent and informative article How to Check if Your PC Is Protected Against Meltdown and Spectre by Chris Hoffman at How-To Geek. I ran this PowerShell script and after entering all of the commands my results are as follows:
 
Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: False (need BIOS update)
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True
 
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimnization is enabled: False [not required for security]
 
Suggested actions
* Install BIOS/.firmware update provided by your device OEM that enables hardware support for the branch target injection... Read more

A:How to Know if I'm Protected Against Meltdown & Spectre

If you have the most recent version BIOS installed, then your BIOS is up to date. There is nothing more for you to do with BIOS for now.BIOS could care less and has no idea what version of Windows you are running. Windows does not load when you go into BIOS.I did not take the time to read all that stuff at How-To Geek.Why did you read and run all that stuff? Are you experiencing system problems?If you're not experiencing system problems, then I would ignore the output of the Powershell app.Yes, it is true that anti-virus apps can interfere with Windows Updates, but Avast Free Edition is not one that I generally see interfering. Usually, it is the Internet Security Suites with the 3rd party firewalls that wreak havoc with Windows Updates. The fact that you checked for Windows Updates and it said none were available means that all outstanding Windows Updates are installed.You have plenty of protection with Avast, Windows Firewall, Internet Modem Firewall and Windows 10 itself. You really don't need further protection.Regards. . .jcgriff2p.s. Just curious - what did they tell you at the How-To Geek forum?

Read other 11 answers
RELEVANCY SCORE 64.4

Hello people- I just heard about the security flaw out there called Spectre or meltdown-- My problem is this-- I am working on an older computer running Windows VISTA- yes you heard right-- My computer has never given me ANY problems- and I stand by the old motto- if it aint broke dont fix it. My memory has 8 GB and it is an HP-Intel core 2 quad cpu 2.33 GHZ- service pack 2 windows vista home premium.
Because I am running Vista- I can no longer get chrome updates- and thus when I try to do the software patch for this new problem- That strict isolation site - is not there and thus I cannot enable it- do you really think this is a problem- or not?? Please advise
P.S. My passwords are extremely strong for all of my important sites-if that matters?
 

Read other answers
RELEVANCY SCORE 64.4

Hello everybody, there is an offical Lenovo Advisory for Meltdown & Spectre in Combination with Lenovo Products:https://support.lenovo.com/de/de/solutions/len-18282 But i can't find information about my Lenovo Y50-70. Does anybody has further information?Do we will see an upgrade for our devices? Thanks in advancedGreatings from GermanyDaniel K.

Read other answers
RELEVANCY SCORE 64.4

Hi All

I'm sure you've all been following the news of Meltdown/Spectre.

I'm a (very satisfied) AppGuard user and was wondering if AppGuard can or does help with the issues we are facing with Meltdown/Spectre?

I know you need to install OS patches, firmware updates etc etc but in my case my PC is over 5yrs old and I highly doubt there will be any firmware/BIOS updates so can/will AppGuard help at all protect from these threats?
 

A:AppGuard + Spectre/Meltdown

As long as nothing with a code that tries to exploit meltdown/spectre runs on your system then you are protected. So if appguard or any anti exe, anti malware, antivius, srp, god himself stops the payload you are ptotected and if not you are not protected. Not going to go into details when it stops and when it doesn't because as a user you should already know that.
 

Read other 0 answers
RELEVANCY SCORE 64.4
RELEVANCY SCORE 64.4

Hi everyone,
I currently own a Windows XP PC, which I occasionally use for web browsing. Are patches for Meltdown and Spectre vulnerabilities going to be issued for Windows XP, similar to the Wannacry Ransomware? I couldn't find any info about this online.
Regards,
iMacg3

A:Meltdown and Spectre patches?

Unsupported operating systems like XP won't be getting patches.
 
My operating system (OS) is not listed. When can I expect a fix to be released?

Addressing a hardware vulnerability with a software update presents significant challenges and mitigations for older operating systems and can require extensive architectural changes. We are continuing to work with affected chip manufacturers and investigating the best way to provide mitigations, which may be provided in a future update. Replacing older devices running these older operating systems should address the remaining risk along with updated antivirus software.
Note
 
Products currently out of both mainstream and extended support will not receive these OS updates. We recommend customers update to a supported OS version.
We will not be issuing updates for Windows Vista or Windows XP-based systems including WES 2009 and POSReady 2009.
 
 
Although Windows Vista and Windows XP-based systems are affected products, Microsoft is not issuing an update for them because the comprehensive architectural changes required would jeopardize system stability and cause application compatibility problems. We recommend that security-conscious customers upgrade to a newer supported operating system to keep pace with the changing security threat landscape and benefit from the more robust protections that newer operating systems provide.

 
https://support.microsoft.com/en-sg/help/4073757/protect-your-windows-d... Read more

Read other answers
RELEVANCY SCORE 63.6

Hello everybody, there is an offical Lenovo Advisory for Meltdown & Spectre in Combination with Lenovo Products:https://support.lenovo.com/nl/en/solutions/len-18282 But i can't find information about my Lenovo G550. Does anybody has further information?Do we will see an upgrade for our devices?

Read other answers
RELEVANCY SCORE 63.6

Security researchers have disclosed a set of security flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel, Advanced Micro Devices and ARM Holdings.
One of the bugs is specific to Intel but another affects laptops, desktop computers, smartphones, tablets and internet servers alike. - Intel and ARM insisted that the issue was not a design flaw, but it will require users to download a patch and update their operating system to fix. - "Phones, PCs, everything are going to have some impact, but it'll vary from product to product," Intel CEO Brian Krzanich said yesterday. 

A:Meltdown & Spectre Vulnerability..Any known way to prevent this?

Operating systems have to be patched. Linux patches are out now, Windows is expected to be patched Update Tuesday next week.
 
Patches and other mitigations have been released for Server versions of Windows:
 
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s
 
https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/

Read other 34 answers
RELEVANCY SCORE 63.6

Based on Microsoft's TechNet here...
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
I need to add these 3 keys to my servers.  Do I need to add these to my servers that are Server 2012s or are the keys only for Server 2012 R2?

Read other answers
RELEVANCY SCORE 63.6

Specs:
Acer Aspire M3985 (2012)
PSU: XFX 550W
Windows 8.1
GPU: NVIDIA GTX 1070
CPU: Intel Core i7 3770
12 GB RAM
Motherboard: Intel B75
 
So I've been getting freezes/crashes when I'm gaming. I made a thread here: https://www.bleepingcomputer.com/forums/t/666843/pc-freezing-when-gaming/
 
The user usasma recommended to me that I'd also post here.
 
I've updated my BIOS from Acer but they haven't rolled out a new one yet for the bug. What can I do more to know if I'm secure?

A:How to check if im secure against the Spectre/Meltdown bug?

You will have to wait for the firmware update for your BIOS/UEFI with the microcode for your CPU.

Read other 1 answers
RELEVANCY SCORE 63.6

Hello all,
I was trying to get some information about preventing Spectre and Meltdown in a company environment but unfortunately, there was not much information about it.
What I`m trying to understand is if I have completely patched servers including hardware firewall do I need to basically upgrade the firmware of every working station in the company in order to prevent intrusions?
And if any workstation has been compromised will that expose data stored or any servers?
I generally know how temporary files works still I was wondering if they can represent them self through the working station as a regular user?
I would be grateful for your thoughts on this.
Many thanks,
Andy 
 

Read other answers
RELEVANCY SCORE 63.6

Hey guys, and thanks for the help in advance!  Rather than hijack another's thread I will wreak my havoc here.
 
From what I just read (Thanks to Didier Stevens) I see that I have an older version of PowerShell, and that this Script won't work.  Here is my outcome.  I will go try to find the info on Updating Powershell, and then try the script again.  Any advice on that would be nice, if there is anything to avoid etc.  Hopefully this will also help others with this issue.

Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

PS C:\Windows\system32> Install-Module SpeculationControl
The term 'Install-Module' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:15
+ Install-Module <<<< SpeculationControl
+ CategoryInfo : ObjectNotFound: (Install-Module:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Windows\system32> get-host|Select-Object version

Version
-------
2.0
PS C:\Windows\system32>

I am a little confused about what this Script does?  Is it that not all CPU's are vulnerable?  My CPU does not have a current firmware update so it may be vulnerable at this time (though not to worried about it ATM) I have time to work on it now, so I'll try to move for... Read more

A:Meltdown and Spectre Powershell-Script Won't Run, Me Too!

You need to install the Windows Management Framework to update PowerShell.
Take a look at the table here to see which version is compatible with your Windows version:
 
https://docs.microsoft.com/en-us/powershell/wmf/readme

Read other 5 answers