
Intel firmware patch issues (Meltdown/Spectre)

I think this was mentioned in the Meltdown and spectre threads... good to have its own higher visibility thread though I suppose. :)
 
Do mass produced OEM computers automatically install firmware updates?
 
I would imagine these to be under the control of Windows for their updates and bios FW updates the user.

... though that is just a guess. I haven't owned an OEM PC in decades. Any I worked with were the property of an enterprise and had their own patch rollouts.
 
Can firmware updates be pushed to computers behind an active directory domain by the admin?
 
Yes... with some scripting. Don't ask how, I don't do it or know how, but I know my company pushed BIOS updates out via automation of some sort. Maybe it wasn't AD though..
 
I don't know about others, but Dell bios updates are sent as an executable package that does the update during windows reboot, so that could be deployed by regular methods.
 
From my readings, MS sent out a patch to mitigate any infection due to the culprit malware, but it isn't key to solving the problem. Linus Torvalds basically chewed Intel up and spit them out over their botched handling of this issue. Intel's first patch caused more harm than good, their re-write is equally flawed, and the time frame for something more robust according to Intel, patch-wise, is 10 days from today. These are just today's problems. My feeling is that this is going to drag out for months.
 
Do mass produced OEM computers automatically install firmware updates?

Some makers preload their own update software (you can also go to Dell/Lenovo/HP/MSI/Acer's website and download). This would likely be running on a default schedule, and depending on the settings they/you chose could push bios and firmware updates to the computer automatically. Most of the time though they, at most, download the needed updates for their product then nag you to confirm installation.

You could push BIOS updates, but that's a bit risky. If the update is applied, then rebooted, then for some reason interrupted it likely hoses the machine. Not worth the risk IMO. This is the first significant vulnerability I can recall that requires hardware level patching on consumer products. It's a bit of a cluster. We're simply not taking any action on the firmware/bios updates for the next few months. It may end up being resolved "well enough" in the software patches that we're not going to spend hours and hours patching the computer hardware. Because of this delay we didn't already screw a bunch of our client's computers with the recently deployed firmware.

Microsoft's Surface tablets supposedly get firmware updates through Windows Update. I also recall seeing some Lenovo firmware show up when I used a third party update utility to force driver updates on my Windows 10 laptop. IMO the best course of action at this second in time is to take no action, and even just turn off Windows Updates altogether until the dust settles. My main Windows 10 PC has updates paused.
 
From my readings, MS sent out a patch to mitigate any infection due to the culprit malware, but it isn't key to solving the problem. Linus Torvalds basically chewed Intel up and spit them out over their botched handling of this issue. Intel's first patch caused more harm than good, their re-write is equally flawed, and the time frame for something more robust according to Intel, patch-wise, is 10 days from today. These are just today's problems. My feeling is that this is going to drag out for months.

MS patch is against Meltdown. Intel microcode is for Spectre. As far as I'm aware they only did one release of it, which is the one they're backing out of at the moment to have another go.

I'm still of the opinion that a bad fix is worse than having the flaw so I'm playing wait and see on all this. The MS patch looks "good enough" for now, especially as it is the higher risk one in the short term.

I don't have a link to it, but the Intel guy did post a more detailed explanation of why things were done the way they were, but my take on it is... this is complicated stuff. I don't know if Linus has further responded to that. Linus may not know as much as he thinks, at least when it comes to low level aspects of CPU architectures.
 
Can you even turn off Windows 10 updates? I know they can be paused for 35 days but can they be disabled altogether?
 
There were some tricks that could be done on the system but I think MS were getting hot on them and they were no longer reliable. So, next level approach: if the PCs can't contact MS servers, they can't update :) I've blocked a whole bunch of them at router level. I can manually turn it off if I do want to update. It might still not be perfect, in the sense that MS may in future add new servers, but good enough for now.
 
I realize that AMD machines are affected by Spectre and Meltdown but at least AMD has not made the false move of releasing microcode that made the issue worse. This all looks very bad for Intel and I believe will give AMD a big boost. Especially since AMD is soon coming out with Ryzen 2000. It will provoke a significant cross platform migration from Intel to AMD I'm guessing for people on the brink of an upgrade already.
 
AMD (Ryzen) are not vulnerable to Meltdown, but have as they describe it a non-zero risk to Spectre. Intel's microcode update, to my knowledge, has only demonstrated the reboot issue on Haswell/Broadwell platforms. It was their analysis into this that suggested it could also affect the -lake processors, although I'm not aware of any user reports of such.

Given that Meltdown is practically a non-issue on Intel with the OS level patch, the differentiator between them is their Spectre handling. I'm not sure that in itself is sufficient to drive a significant migration that wouldn't have happened for other reasons.
 
Reading this, it looks like online gamers are going to take a hit regardless: "The video game maker Epic Games, for example, recently detailed patch-related performance declines in the popular battle royale game Fortnite. 'All of our cloud services are affected by updates required to mitigate the Meltdown vulnerability,' Epic Games wrote last week. 'We heavily rely on cloud services to run our back-end and we may experience further service issues due to ongoing updates.'"

Other reading indicates, to me, that the regular home user will not see too much of a hit, am I correct?
 
My son is a network engineer for a large credit union chain. He said some of their servers, depending on what they were handling, were experiencing big performance hits and they were getting customer complaints since the patch installation. Servers doing other kinds of tasks were not much affected. He said they are spending a lot of time right now "unpatching."
 