CPU Vulnerabilities, Meltdown and Spectre, Kernel Page Table Isolation Patches, and more

Discussion in 'Hardware Components and Aftermarket Upgrades' started by hmscott, Jan 2, 2018.

  1. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    33,648
    Messages:
    27,230
    Likes Received:
    50,717
    Trophy Points:
    931
    Intel Fends off PLATYPUS Vulnerability With Microcode Update tomshardware.com | Today



    Linux users can find instructions for manually updating their firmware on Intel's Github page. However, it's likely that Microsoft and other OS vendors will include automated updates that include the new microcode.

    For those with Dell/Alienware's, you all should expect more fun regarding bios updates. Either from own "must have to click on everything from the support page" or from Windows Updates(Dell use Microsoft's servers for all it's worth). The dreaded Plundervolt patch normally follow all new bios updates as a living nightmare and will most likely render your dear undervolt useless.

    upload_2020-11-11_20-16-10.png

    TS author @unclewebb is flooded with questions all over the web on how to get back the undervolt. So it's quite widespread. Many out there sit with tears from their sad eyes when they seeing their machines is rendered useless. Be very careful when you feeel for being a guinea pig. Not fun waking up the next morning seeing your Cpu have touched the dreaded 100C temp threshold:vbbiggrin:

    More about undervolt and Plundervolt here... BLACK LIST. Adjustable voltage control/turbo ratio limits are locked out with Win Updates/Bios upgrades
     
    Last edited: Nov 11, 2020
    Robbo99999, Vasudev, Mr. Fox and 2 others like this.
  2. senso

    senso Notebook Deity

    Reputations:
    540
    Messages:
    1,614
    Likes Received:
    751
    Trophy Points:
    131
    Starting to ask myself how long till people start doing hardmods just to undervolt the CPU..
     
    Vasudev, ajc9988, joluke and 2 others like this.
  3. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    9,700
    Messages:
    10,924
    Likes Received:
    8,264
    Trophy Points:
    931
    Not for long I guess. I'm moving to Ryzen laptops in mid 2021 or late 2021.
    I'll be GP'ing microcode E2 for BGA Skylake this week. Linux performance is crap on 6700HQ and can't undervolt more than 100mV.
     
    Starlight5 likes this.
  4. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    9,700
    Messages:
    10,924
    Likes Received:
    8,264
    Trophy Points:
    931
    It is slower than D2. Subsequent benching produces lower CPU scores when they are highly multi-threaded in uCode E2.
     
  5. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    33,648
    Messages:
    27,230
    Likes Received:
    50,717
    Trophy Points:
    931
    Serious Intel Boot Guard Exploit Leaves Unpatched PCs hothardware.com | Nov 15, 2020

    Attackers with physical access to a device can generally do the most damage to a machine. This remains true with CVE-2020-8705, where an attacker with physical access can gain control of the system firmware while the device resumes from a sleep state. This means there could be privilege escalations, data loss, and more depending on what the primary motives of the attacker. Therefore, Intel users need to patch their systems and prevent unwanted physical access.

    According to Trammell Hudson, CVE-2020-8705, or “Sleep Attack,” occurs when Intel x86 computers enter the sleep state called “S3.” The sleep state turns off the CPU but keeps the DRAM powered, so the CPU state must be restored upon receiving a wake command. When this process starts, the firmware realizes that the DRAM still has power, and some bits of code are skipped, specifically the code checking part of the firmware.

    Yeah, I expect Dell will be one of the first out with new firmware.

    Hackers can use just-fixed Intel bugs to install malicious firmware on PCs arstechnica.com

    Computer makers are in the process of patching Boot Guard. Have you installed it yet?

    upload_2020-11-15_21-19-56.png

    Yeah, I expect Dell will be one of the first out with new firmware. Because Boot Guard have become the main security component in their systems. @Mr. Fox just love this feature. I wonder why Dell prefer to be the Bellwether.
    [​IMG]
    http://forum.notebookreview.com/threads/the-throttlestop-guide.531329/page-1232#post-11054610
     
    Last edited: Nov 15, 2020
  6. Mr. Fox

    Mr. Fox BGA Filth-Hating Elitist

    Reputations:
    34,897
    Messages:
    37,335
    Likes Received:
    62,983
    Trophy Points:
    931
    That vulnerability is most likely what has allowed a few adventurous people to flash modded unsigned firmware on the Alienware 18. Sometimes vulnerabilities can be a blessing in disguise and some would not want it to be fixed. My preference is to avoid fixing any of them. The more you fix, the slower your computer becomes. The notion of having a secure computer is a myth and a joke. I'd rather take my chances with security risks than have a system that runs like crap... yet still isn't secure because there will always be vulnerabilities. Some just haven't been discovered and/or disclosed. The only thing we can count on is that they will always exist, and so will the evil people that look for ways to perform their evil deeds. That will never end.
     
  7. cfe

    cfe Notebook Geek

    Reputations:
    305
    Messages:
    97
    Likes Received:
    206
    Trophy Points:
    41
    and another twist in the plundervolt saga:

    https://www.helpnetsecurity.com/2020/11/16/break-intel-sgx/

    really, intel? come on...:confused:

    and we're still left to suffer from that "fix" which stripped consumer choice of undervolting :rolleyes:

    hopefully this won't require quite an ugly ucode repair for us to deal with...luckily since it's a hardware point of contact exploit only...but any excuse to nerf old cpu performance will probably be eagerly taken advantage of to sell more units of latest-gen with few more mhz...;):rolleyes:
     
  8. bladerider

    bladerider Newbie

    Reputations:
    22
    Messages:
    2
    Likes Received:
    11
    Trophy Points:
    6
    Vasudev, Papusan, Aivxtla and 2 others like this.
  9. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    33,648
    Messages:
    27,230
    Likes Received:
    50,717
    Trophy Points:
    931
    tilleroftheearth likes this.

Share This Page