CPU Vulnerabilities, Meltdown and Spectre, Kernel Page Table Isolation Patches, and more

Discussion in 'Hardware Components and Aftermarket Upgrades' started by hmscott, Jan 2, 2018.

  1. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    31,313
    Messages:
    26,424
    Likes Received:
    48,563
    Trophy Points:
    931
    From the bleeping article... Intel Microcode updates are "optional updates" that mitigate hardware-based security vulnerabilities and bugs through a software patch. Maybe seekers can get them if they click the Ugly button. But can't confirm this 100% as I never install patches the usual way via Win Update. Could also means that Micro$oft wait it out first to see if there pop up problems similar like this (those who install it freely). Better let the guinea pigs test it out first.

    See also... https://www.windowsmode.com/new-intel-microcode-updates-available-for-all-windows-10-versions/

    Each new feature update (spring/fall) will have the latest microcode aviable from Intel (if verified it works without problems).
     
    Last edited: Feb 2, 2020
  2. Robbo99999

    Robbo99999 Notebook Prophet

    Reputations:
    4,227
    Messages:
    6,717
    Likes Received:
    5,920
    Trophy Points:
    681
    I click the ugly button quite regularly, and it's not installed the newer microcode. I'm thinking that Microsoft don't view the latest microcode as essential to security...ha I don't need any more performance decreases on my 6700K! I have received microcode updates automatically in the past from Microsoft, so I know they do sometimes roll it out to 'everyone', but looks like this latest microcode they've decided not do that (yet).
     
    tilleroftheearth likes this.
  3. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    8,825
    Messages:
    10,802
    Likes Received:
    8,105
    Trophy Points:
    931
    Latest uCode for skylake is D6. Single threaded tasks suffer only 5% loss whereas sustained highly multi-threaded longer than 10-15mins at full turbo on BGA 6700HQ suffers a major hit than CC uCode. Its slower than advertised!
     
    Robbo99999 and hmscott like this.
  4. Robbo99999

    Robbo99999 Notebook Prophet

    Reputations:
    4,227
    Messages:
    6,717
    Likes Received:
    5,920
    Trophy Points:
    681
    I just tested CC microcode vs C6 microcode on my 6700K, and going to the newer CC microcode reduces performance by 1-2%. I tested x6 Physics runs of both 3DMark Timespy and Firestrike, then took an average: 1.3% loss of performance in Timespy and 1.6% loss in Firestrike. I uninstalled the KB update and so gone back to C6 microcode installed by my motherboard and I've regained my original performance...no wonder Microsoft aren't pushing these out automatically, more performance losses and hopefully also because security risks are low to typical consumers.

    And you're saying that the very latest microcode D6 is even slower than the CC microcode I tested above....wow, performance going down the sink big time in contrast to it's original form pre the first 'horrors' of Spectre/Meltdown.
     
    hmscott and Vasudev like this.
  5. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    8,825
    Messages:
    10,802
    Likes Received:
    8,105
    Trophy Points:
    931
    Yeah I know. That's why I switching to Thinkpad Ryzen 4000 U/H series whichever arrives first and once reviews are good I'll buy it.
     
    hmscott and Robbo99999 like this.
  6. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    31,313
    Messages:
    26,424
    Likes Received:
    48,563
    Trophy Points:
    931
    Intel Discovers Security Flaw in CSME Firmware tomshardware.com | Feb 13, 2020
    [​IMG]

    The flaw means vulnerability to privilege escalation, denial of service and information disclosure.

    Intel’s internal team this week disclosed a new vulnerability in the company’s Converged Security and Management Engine (CSME), which could allow privilege escalation, denial of service and information disclosure attacks against PCs powered by certain Intel CPUs.

    The bug affects all Intel CPUs that come with a CSME microcontroller unit (MCU), with the exception of newer Ice Lake and Comet Lake processor generations. The vulnerability has a CVSS score of 8.2 out of 10, classifying it as “high severity.”

    The firmware flaw is an improper authentication in a subsystem in Intel CSME versions 12.0 through 12.0.48, and versions 13.0-13.0.20 and 14.0-14.0.10 may still allow attackers to enable escalation of privilege, denial of service or information disclosure if they have local access to the device via some other bugs.

    On Internet of things (IoT) devices, only firmware 12.0.56 is affected.
     
  7. Robbo99999

    Robbo99999 Notebook Prophet

    Reputations:
    4,227
    Messages:
    6,717
    Likes Received:
    5,920
    Trophy Points:
    681
    Damn, another one! This is most Intel CPUs is it, apart from Ice Lake & Comet Lake...or I read that wrong?
     
    Vasudev likes this.
  8. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    8,825
    Messages:
    10,802
    Likes Received:
    8,105
    Trophy Points:
    931
    Just updated Intel MEI on 6700HQ/Skylake to latest version from Win-raid. It seems skylake has got new uCode DA. Anyone interested in becoming GP? Performance will be crappier when all cores are actively loaded.
     
    hmscott and Papusan like this.
  9. Talon

    Talon Notebook Virtuoso

    Reputations:
    1,312
    Messages:
    3,302
    Likes Received:
    3,936
    Trophy Points:
    331
    Vasudev, Robbo99999 and ajc9988 like this.
  10. ajc9988

    ajc9988 Death by a thousand paper cuts

    Reputations:
    1,652
    Messages:
    5,944
    Likes Received:
    8,425
    Trophy Points:
    681
    As said in the other thread, this seems similar to the portsmash vulnerability on Intel, compromising both L1 and memory security, albeit in a slightly different way. Not good.

    Sent from my SM-G975U1 using Tapatalk
     
    Vasudev likes this.

Share This Page