
Intel Microcode Boot Loader


Regeneration

New Member
Joined
Sep 7, 2018

In early 2018, security researchers discovered several security vulnerabilities affecting all processors: Meltdown and Spectre. These vulnerabilities allow speculative execution side-channel attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754). While Meltdown was resolved with an OS patch, Spectre required a microcode update.

Since the microcode is stored and automatically loaded by the BIOS/UEFI, motherboard manufacturers are required to issue an update. However, manufacturers normally release firmware updates only for their newest products. Plenty of motherboards still remain vulnerable to this very day.

Intel Microcode Boot Loader is a workaround for the microcode problem on Intel-based motherboards. It updates the microcode every time the system is booted. Based on Intel BIOS Implementation Test Suite (BITS), users no longer need to modify BIOS/UEFI ROMs to stay protected from security vulnerabilities, bugs and errata.

This solution requires a permanently plugged-in USB flash drive (or similar device) with at least 25MB and a BIOS/UEFI that supports booting from USB devices. Alternatively, advanced users can install it to a local drive on top of the System Reserved partition (see localdrive.txt for instructions).

Instructions:
1. Format a USB flash drive with FAT32 filesystem.
2. Extract the archive to the USB flash drive and run install.exe to make it bootable.
3. Enter the BIOS/UEFI, assign the USB flash drive as the 1st boot device and enable legacy boot mode.
4. The boot loader will regularly update the microcode and load the OS.

Notes:
* This release includes the latest ucodes for 392 Intel CPUs produced from 1996 to 2018.
* The ucodes are stored in the \boot\mcudb folder if you wish to update in the future.
* If you get a 'Ucode not found' warning during installation, or plan to deploy on another PC, look for the correct ucode (by CPUID) in \boot\mcudb and copy it to \boot\mcu.

Changes (v0.5.2):
* Updated microcode database.

Downloads:
Intel Microcode Boot Loader | Mirror #1 | Mirror #2
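
Added example (not part of the original post and not the tool's own code): before copying a ucode from \boot\mcudb to \boot\mcu by CPUID, the file can be checked against the 48-byte Intel microcode update header to confirm its target CPUID signature, revision and checksum. It assumes each file holds one raw binary update; the extended signature table is not searched, and the sample blob and its values are constructed.

```python
import struct

HEADER = struct.Struct("<9I12x")  # 48-byte Intel microcode update header

def parse_ucode(blob):
    """Parse and integrity-check one raw Intel microcode update."""
    if len(blob) < HEADER.size:
        raise ValueError("shorter than the 48-byte header")
    (hdr_ver, revision, date, signature, _checksum, _loader_rev,
     flags, data_size, total_size) = HEADER.unpack_from(blob)
    if hdr_ver != 1:
        raise ValueError("not a version-1 microcode header")
    # Data Size 0 means the legacy fixed layout: 2000 data bytes, 2048 total.
    if data_size == 0:
        data_size, total_size = 2000, 2048
    if (total_size % 4 or total_size < HEADER.size + data_size
            or total_size > len(blob)):
        raise ValueError("inconsistent or truncated size fields")
    # All dwords of the update, stored checksum included, sum to 0 mod 2^32.
    words = struct.unpack_from("<%dI" % (total_size // 4), blob)
    if sum(words) & 0xFFFFFFFF:
        raise ValueError("checksum mismatch")
    # Date is BCD mmddyyyy, e.g. 0x08072018 is 7 August 2018.
    iso = "%04x-%02x-%02x" % (date & 0xFFFF, date >> 24, (date >> 16) & 0xFF)
    return {"revision": revision, "signature": signature,
            "platform_flags": flags, "date": iso, "total_size": total_size}

def matches_cpu(info, cpuid_signature, platform_id=None):
    """True if the update targets this CPUID signature (CPUID leaf 1 EAX).
    platform_id (0-7, from IA32_PLATFORM_ID) is checked when supplied."""
    if info["signature"] != cpuid_signature:
        return False
    return platform_id is None or bool(info["platform_flags"] & (1 << platform_id))

def build_sample(signature, revision, flags=0x01):
    """Constructed blob (NOT real microcode): valid header, zeroed data."""
    hdr = HEADER.pack(1, revision, 0x08072018, signature, 0, 1, flags, 2000, 2048)
    body = hdr + bytes(2000)
    total = sum(struct.unpack("<512I", body)) & 0xFFFFFFFF
    return body[:16] + struct.pack("<I", (-total) & 0xFFFFFFFF) + body[20:]

if __name__ == "__main__":
    info = parse_ucode(build_sample(0x000306C3, 0x25))  # constructed values
    print(info, matches_cpu(info, 0x000306C3, 0))
```

The checksum only detects corruption of the file; it is not a signature, and authenticity of a real update is enforced by the CPU when the update is loaded.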
 
Not that I'll have time to do so, but this raises potentially easier testing of things not otherwise simple or practical. One example might be to test the performance impact of Spectre/Meltdown fixes. Or to go back to a version before they locked out unintended overclocking features for example. That pretty much requires a custom bios right now. Is there even a way to obtain older microcode?

I assume as it is loaded on boot, it can take over from whatever version is in bios, but we would still need to take care Windows doesn't re-update over it too? I understand Windows may do that, especially since Spectre/Meltdown.
 
Yes, Intel has previous microcode archived on its website.

Windows 10 will overwrite the microcode if current is older. You'll have to uninstall KB4093836, KB4090007, KB4100347 to keep using the older microcode.

But to be honest, the performance impact of Meltdown/Spectre isn't a big deal.

The next Windows 10 major update will improve the performance even further.
 
Yes, Intel has previous microcode archived on its website.

Windows 10 will overwrite the microcode if current is older. You'll have to uninstall KB4093836, KB4090007, KB4100347 to keep using the older microcode.

But to be honest, the performance impact of Meltdown/Spectre isn't a big deal.

The next Windows 10 major update will improve the performance even further.

A loss of performance is a big deal if I’m not presented with an option as to if I am going to install the security fixes or not.

It just reopens the anger regarding forced updates.
 
From my perspective, I'm thinking from a competitive overclocking angle. A percent here or there may be no practical difference in normal use, but could be the difference from taking a record or not. I'm not at that level yet, but it remains a potential consideration, at least for affected generations of products.
 
A loss of performance is a big deal if I’m not presented with an option as to if I am going to install the security fixes or not.

It just reopens the anger regarding forced updates.

That's why I'm not using Windows 10 except on my HTPC because the Netflix app is required for UHD and HDR.

BTW, Microsoft installed junkware on that system without my permission.
 
Yes, Intel has previous microcode archived on its website.

Windows 10 will overwrite the microcode if current is older. You'll have to uninstall KB4093836, KB4090007, KB4100347 to keep using the older microcode.

But to be honest, the performance impact of Meltdown/Spectre isn't a big deal.

The next Windows 10 major update will improve the performance even further.

The performance impact is stupid though. Most of the systems affected by these patches WERE NEVER ACTUALLY VULNERABLE to any possible exploits resulting from Spectre/Meltdown. Windows 10 does not now and never will make up any significant percentage of shared systems where these exploits actually matter.
 