Updated Firmware Available for 6th, 7th and 8th Generation Intel Core Processors

Raevenlord · Feb 21, 2018

Intel today shared in a blog post that they are deploying microcode solutions that have been developed and validated over the last several weeks. These updates aim to patch security vulnerabilities recently found in Intel processors, and will be distributed, mostly, via OEM firmware updates - users who want to have their system hardened against Spectre and Meltdown exploits will have to ensure that their system manufacturer of choice makes these microcode updates available. If they don't do it in a timely fashion, users have no choice but to be vocal about that issue - Intel has now done its part in this matter.

This is the second wave of Intel's patches to mitigate the Spectre and Meltdown vulnerabilities, after the first, hasty patch sent users on towards unstable, crashing systems and the inevitable update rollback. Security had already been reinstated, of sorts, for Intel's Skylake processors, but left users of any other affected Intel CPU family out in the cold. Here's hoping this is the one update that actually sticks after thorough testing and validation.

View at TechPowerUp Main Site

Upgrayedd · Feb 21, 2018

I'm on 4th gen and uninstalled the Win10 update. Ez fix.

oxidized · Feb 21, 2018

Am i the only one not giving a sh*t about this? Why should i worry for my security? Why would someone exploit these flaws to hack me?

_JP_ · Feb 21, 2018

Meanwhile Haswell is still drifting trough mud...

SL2 · Feb 21, 2018

Did you look at the pdf? Seems like a lot of updates are coming, at least for Sandy Bridge, Ivy Bridge, Haswell and Broadwell who currently are in beta.

Pretty much anything up to 10 years old is in there including Penryn and Wolfdale, although not in beta yet. Conroe is the newest CPU type that isn't mentioned.

https://newsroom.intel.com/wp-content/uploads/sites/11/2018/02/microcode-update-guidance.pdf

R-T-B · Feb 21, 2018

oxidized said:
Why should i worry for my security? Why would someone exploit these flaws to hack me?

Because in the modern world, everyone's data has value. Yes, even you and your boring bank account.

Arrakis9 · Feb 21, 2018

Time to fire up the ubu tool and make myself another modded bios, thanks Asus :rolleyes:

Space Lynx · Feb 21, 2018

So basically I just wait for MSI to post a BIOS update for my Z370 motherboard (8700k)? Fine by, I am sure they will do it in a week or so. Hope they do anyway, would be nice to get out of the way before I do my next clean install in early March.

oxidized · Feb 21, 2018

R-T-B said:
Because in the modern world, everyone's data has value. Yes, even you and your boring bank account.

If i was a hacker or cracker or whatever you want, i wouldn't even bother to steal bank accounts or other stuff to someone like myself, i think everyone has been overreacting way too much about this, the only people who should really worry about are companies, even small ones, but "normal" people i think will risk next to nothing.

R-T-B · Feb 21, 2018

oxidized said:
If i was a hacker or cracker or whatever you want, i wouldn't even bother to steal bank accounts or other stuff to someone like myself

No offense, but this is why you aren't.

oxidized · Feb 21, 2018

R-T-B said:
No offense, but this is why you aren't.

Also it's not like you'll find people who are able to exploit that in the apartment next to yours, it's a pretty hard thing to do, it took many years to be discovered, what makes you think that those few who know how it all works and how to exploit, will come and try to steal from "small fishes" like ourselves? Unless you own, or are part of some company, in that case you're very well excused.

Aquinus · Feb 21, 2018

R-T-B said:
No offense, but this is why you aren't.

Sorry but, servers are where the real money is at. Why do all that work to get into a personal machine when you can get into a server with an entire database full of information? Just remember, if you're trying to hit a hardware vulnerability with respect to memory visibility, the attacker is already on the machine. That's the important bit that needs to be understood.

Prima.Vera · Feb 22, 2018

To be honest I am more concerned about the performance impact those updates will bring.

eidairaman1 · Feb 22, 2018

oxidized said:
Am i the only one not giving a sh*t about this? Why should i worry for my security? Why would someone exploit these flaws to hack me?

Identity theft

R-T-B · Feb 22, 2018

Aquinus said:
Sorry but, servers are where the real money is at. Why do all that work to get into a personal machine when you can get into a server with an entire database full of information? Just remember, if you're trying to hit a hardware vulnerability with respect to memory visibility, the attacker is already on the machine. That's the important bit that needs to be understood.

Malware strains cast blanket nets. Since they depend on the user for infection, it often is not the malware writer doing the labor to set it up, so yes they are more likely to personally oversee an op on say a bank server, but they are not beyond writing malware to target the casual user. They can, will, and have. They are still interesting targets when brought in "fish net" style.

oxidized said:
Also it's not like you'll find people who are able to exploit that in the apartment next to yours, it's a pretty hard thing to do, it took many years to be discovered, what makes you think that those few who know how it all works and how to exploit, will come and try to steal from "small fishes" like ourselves?

Explained above.

oxidized · Feb 22, 2018

eidairaman1 said:
Identity theft

R-T-B said:
Malware strains cast blanket nets. Since they depend on the user for infection, it often is not the malware writer doing the labor to set it up, so yes they are more likely to personally oversee an op on say a bank server, but they are not beyond writing malware to target the casual user. They can, will, and have. They are still interesting targets when brought in "fish net" style.

Explained above.

So in your opinion, someone who knows how to exploit spectre and meltdown, which are probably like dozens of people within the hundred, will risk it and waste time stealing personal data to someone like me? Wait aren't google and microsoft (and many others) doing that already? I think we live in a world nowadays, that if you don't want to risk being robbed of personal data and contents, you better not even look at PCs, smartphones, TVs, telephones, and internet connection of course.

R-T-B · Feb 22, 2018

oxidized said:
So in your opinion, someone who knows how to exploit spectre and meltdown, which are probably like dozens of people within the hundred, will risk it and waste time stealing personal data to someone like me?

Yes. Many people like you, being the key distinction. Malware doesn't target one user.

Of course if you can keep your machine free of malware, you should be fine. But it is another vector, and quite a big one for that matter.

You are also massively underestimating the amount of people who can exploit this. With example exploits in the wild, I could probably code something.

I think we live in a world nowadays, that if you don't want to risk being robbed of personal data and contents, you better not even look at PCs, smartphones, TVs, telephones, and internet connection of course.

You are right that being at zero risk is a myth in this day and age. But you can and should understand your exploits if you are in IT, and more importantly, why these patches are important.

eidairaman1 · Feb 22, 2018

oxidized said:
So in your opinion, someone who knows how to exploit spectre and meltdown, which are probably like dozens of people within the hundred, will risk it and waste time stealing personal data to someone like me? Wait aren't google and microsoft (and many others) doing that already? I think we live in a world nowadays, that if you don't want to risk being robbed of personal data and contents, you better not even look at PCs, smartphones, TVs, telephones, and internet connection of course.

Id theft, they can steal your bank info/money/setup fake billing accounts, ruin your credit/Social Security etc in the U.S. Also there are lurkers here who could do it especially if a person were to piss them off.

Space Lynx · Feb 22, 2018

eidairaman1 said:
Identity theft

Too late for that, 144 million peoples infos are already in the Dark Web thanks to Equifax. lol I think they recently came out and said it was a lot more info stolen than just SSN and DoB and Addresses as well, lol. So yeah, worrying about that is like.. well I don't know a good analogy, but its too late to care anymore. Just have to have moinotr your credit report and pay for a Identity Theft Insurance is only thing you can do anymore, and I am doing both on a monthly basis.

newtekie1 · Feb 22, 2018

eidairaman1 said:
Id theft, they can steal your bank info/money/setup fake billing accounts, ruin your credit/Social Security etc in the U.S. Also there are lurkers here who could do it especially if a person were to piss them off.

For the common user, Spectre and Meltdown pose little additional threat. To be exploited the attacker has to already have the ability to run admin level code on the machine, so at that point, why even waste time using the Spectre and Meltdown exploits? Why not just monitor activities and steal usernames and passwords as they are typed, or if people are stupid enough to store them in their browsers, just steal the browser save data directly? I mean, it's much easier than reading small chunks of memory and hoping they contain something useful. If the attacker is already to the point that they can freely execute code on your machine, if you've allowed them to get that far, you're already screwed.

Space Lynx · Feb 22, 2018

newtekie1 said:
For the common user, Spectre and Meltdown pose little additional threat. To be exploited the attacker has to already have the ability to run admin level code on the machine, so at that point, why even waste time using the Spectre and Meltdown exploits? Why not just monitor activities and steal usernames and passwords as they are typed, or if people are stupid enough to store them in their browsers, just steal the browser save data directly? I mean, it's much easier than reading small chunks of memory and hoping they contain something useful. If the attacker is already to the point that they can freely execute code on your machine, if you've allowed them to get that far, you're already screwed.

It still would be nice if MSI updates their BIOS with it soon, since I am doing a new and sealed build - clean install everything new March 2nd

I always like to update everything fully before I do a clean install like this on a new build. and then run shutupten, apply all. and then never update anything for a year, and rinse and repeat every year. seems to work for me and i never have issues lol

oxidized · Feb 22, 2018

eidairaman1 said:
Id theft, they can steal your bank info/money/setup fake billing accounts, ruin your credit/Social Security etc in the U.S. Also there are lurkers here who could do it especially if a person were to piss them off.

Again, it's not something a hacker would waste his time on, not that level of hacker anyway, we're all tiny fishes in a pond, they aim to get the biggest fishes in the ocean.

I'd surely keep my performance instead of trading it for security i really don't need, not that kind and that level anyway.

eidairaman1 · Feb 22, 2018

oxidized said:
Again, it's not something a hacker would waste his time on, not that level of hacker anyway, we're all tiny fishes in a pond, they aim to get the biggest fishes in the ocean.

I'd surely keep my performance instead of trading it for security i really don't need, not that kind and that level anyway.

Good luck then

TheinsanegamerN · Feb 23, 2018

oxidized said:
So in your opinion, someone who knows how to exploit spectre and meltdown, which are probably like dozens of people within the hundred, will risk it and waste time stealing personal data to someone like me? Wait aren't google and microsoft (and many others) doing that already? I think we live in a world nowadays, that if you don't want to risk being robbed of personal data and contents, you better not even look at PCs, smartphones, TVs, telephones, and internet connection of course.

Why do you have it stuck in your head they are targeting you specifically? You are just a number. One of many that will get infected if you are not patched.

See, the way it works is simple. Someone who knows hot to expoloit could then write malware that works via drive by attack. If they managed to infect a widely used platform like, say, google or facebook, then there are hundreds of millions of people, just like you, that would get infected.

Every single one of those people has at least a little money to loose, and spread around an entire planet, that is hundreds of millions that could be made, between bank accounts, identity theft, stolen credit cards, ece. Malware is often designed like a fishing net for a reason, after all.

They wont spend tons of time on just you. They will spend tons of time on an exploit that affects multiple millions of people, many just like you, and profit that way. You are no special snowflake, but you ARE a prime target, what with you "why would anybody bother with me" attitude.

but, you know what they say, "a fool and his money/identity"

oxidized · Feb 23, 2018

TheinsanegamerN said:
Why do you have it stuck in your head they are targeting you specifically? You are just a number. One of many that will get infected if you are not patched.

See, the way it works is simple. Someone who knows hot to expoloit could then write malware that works via drive by attack. If they managed to infect a widely used platform like, say, google or facebook, then there are hundreds of millions of people, just like you, that would get infected.

Every single one of those people has at least a little money to loose, and spread around an entire planet, that is hundreds of millions that could be made, between bank accounts, identity theft, stolen credit cards, ece. Malware is often designed like a fishing net for a reason, after all.

They wont spend tons of time on just you. They will spend tons of time on an exploit that affects multiple millions of people, many just like you, and profit that way. You are no special snowflake, but you ARE a prime target, what with you "why would anybody bother with me" attitude.

but, you know what they say, "a fool and his money/identity"

So what benefit could i possibly have patching these flaws on my computer, if the hackers, could hack my bank for example? Do you realize you basically agreed with me? It's not us who should be worrying for that, it's banks and other big sources of money and data ofc.

System Name	The Ryzening
Processor	AMD Ryzen 9 5900X
Motherboard	MSI X570 MAG TOMAHAWK
Cooling	Lian Li Galahad 360mm AIO
Memory	32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s)	Gigabyte RTX 3070 Ti
Storage	Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s)	Acer Nitro VG270UP (1440p 144 Hz IPS)
Case	Lian Li O11DX Dynamic White
Audio Device(s)	iFi Audio Zen DAC
Power Supply	Seasonic Focus+ 750 W
Mouse	Cooler Master Masterkeys Lite L
Keyboard	Cooler Master Masterkeys Lite L
Software	Windows 10 x64

Processor	i7-4790K 4.6GHz @1.29v
Motherboard	ASUS Maximus Hero VII Z97
Cooling	Noctua NH-U14S
Memory	G. Skill Trident X 2x8GB 2133MHz
Video Card(s)	Asus Tuf RTX 3060 V1 FHR (Newegg Shuffle)
Storage	OS 120GB Kingston V300, Samsung 850 Pro 512GB , 3TB Hitachi HDD, 2x5TB Toshiba X300, 500GB M.2 @ x2
Display(s)	Lenovo y27g 1080p 144Hz
Case	Fractal Design Define R4
Audio Device(s)	AKG Q701's w/ O2+ODAC (Sounds a little bright)
Power Supply	EVGA Supernova G2 850w
Mouse	Glorious Model D
Keyboard	Rosewill Full Size. Red Switches. Blue Leds. RK-9100xBRE - Hate this. way to big
Software	Win10
Benchmark Scores	3DMark FireStrike Score : needs updating

Processor	i7 2600K
Motherboard	Asus P8Z68-V PRO/Gen 3
Cooling	ZeroTherm FZ120
Memory	G.Skill Ripjaws 4x4GB DDR3
Video Card(s)	MSI GTX 1060 6G Gaming X
Storage	Samsung 830 Pro 256GB + WD Caviar Blue 1TB
Display(s)	Samsung PX2370 + Acer AL1717
Case	Antec 1200 v1
Audio Device(s)	aune x1s
Power Supply	Enermax Modu87+ 800W
Mouse	Logitech G403
Keyboard	Qpad MK80

System Name	LenovoⓇ ThinkPad™ T430
Processor	IntelⓇ Core™ i5-3210M processor (2 cores, 2.50GHz, 3MB cache), Intel Turbo Boost™ 2.0 (3.10GHz), HT™
Motherboard	Lenovo 2344 (Mobile Intel QM77 Express Chipset)
Cooling	Single-pipe heatsink + Delta fan
Memory	2x 8GB KingstonⓇ HyperX™ Impact 2133MHz DDR3L SO-DIMM
Video Card(s)	Intel HD Graphics™ 4000 (GPU clk: 1100MHz, vRAM clk: 1066MHz)
Storage	SamsungⓇ 860 EVO mSATA (250GB) + 850 EVO (500GB) SATA
Display(s)	14.0" (355mm) HD (1366x768) color, anti-glare, LED backlight, 200 nits, 16:9 aspect ratio, 300:1 co
Case	ThinkPad Roll Cage (one-piece magnesium frame)
Audio Device(s)	HD Audio, RealtekⓇ ALC3202 codec, DolbyⓇ Advanced Audio™ v2 / stereo speakers, 1W x 2
Power Supply	ThinkPad 65W AC Adapter + ThinkPad Battery 70++ (9-cell)
Mouse	TrackPointⓇ pointing device + UltraNav™, wide touchpad below keyboard + ThinkLight™
Keyboard	6-row, 84-key, ThinkVantage button, spill-resistant, multimedia Fn keys, LED backlight (PT Layout)
Software	MicrosoftⓇ WindowsⓇ 10 x86-64 (22H2)

System Name	Pioneer
Processor	Ryzen R9 7950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory	64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches
Software	Windows 11 Enterprise (legit), Gentoo Linux x64

Updated Firmware Available for 6th, 7th and 8th Generation Intel Core Processors

Raevenlord

News Editor

Upgrayedd

oxidized

_JP_

SL2

R-T-B

Arrakis9

Space Lynx

Astronaut

oxidized

R-T-B

oxidized

Aquinus

Resident Wat-man

Prima.Vera

eidairaman1

The Exiled Airman

R-T-B

oxidized

R-T-B

eidairaman1

The Exiled Airman

Space Lynx

Astronaut

newtekie1

Semi-Retired Folder

Space Lynx

Astronaut

oxidized

eidairaman1

The Exiled Airman

TheinsanegamerN

oxidized

Processor	i9 11900k
Motherboard	Maximus XII Apex
Cooling	Custom Liquid W/ 360x60 Radiator
Memory	32Gb Team XTREEM ARGB 3600 b-die
Video Card(s)	Waterblocked MSI RTX 4070
Storage	Intel 900p 480Gb + 4tb Intel 670p
Display(s)	LG C2 evo 42"
Case	Geometric Future Model 8
Audio Device(s)	HD58X + Sennheiser GSX 1000
Power Supply	Corsair RM 750x
Mouse	Steelseries Aerox 5 wired
Keyboard	Akko Mod 007b HE
VR HMD	Samsung Odyssey+
Software	Windows 11

System Name	Apollo
Processor	Intel Core i9 9880H
Motherboard	Some proprietary Apple thing.
Memory	64GB DDR4-2667
Video Card(s)	AMD Radeon Pro 5600M, 8GB HBM2
Storage	1TB Apple NVMe, 4TB External
Display(s)	Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case	MacBook Pro (16", 2019)
Audio Device(s)	AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply	96w Power Adapter
Mouse	Logitech MX Master 3
Keyboard	Logitech G915, GL Clicky
Software	MacOS 12.1

Processor	Intel® Core™ i7-13700K
Motherboard	Gigabyte Z790 Aorus Elite AX
Cooling	Noctua NH-D15
Memory	32GB(2x16) DDR5@6600MHz G-Skill Trident Z5
Video Card(s)	ZOTAC GAMING GeForce RTX 3080 AMP Holo
Storage	2TB SK Platinum P41 SSD + 4TB SanDisk Ultra SSD + 500GB Samsung 840 EVO SSD
Display(s)	Acer Predator X34 3440x1440@100Hz G-Sync
Case	NZXT PHANTOM410-BK
Audio Device(s)	Creative X-Fi Titanium PCIe
Power Supply	Corsair 850W
Mouse	Logitech Hero G502 SE
Software	Windows 11 Pro - 64bit
Benchmark Scores	30FPS in NFS:Rivals

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

Processor	Intel Core i7 10850K@5.2GHz
Motherboard	AsRock Z470 Taichi
Cooling	Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory	32GB DDR4-3600
Video Card(s)	RTX 2070 Super
Storage	500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s)	Acer Nitro VG280K 4K 28"
Case	Fractal Design Define S
Audio Device(s)	Onboard is good enough for me
Power Supply	eVGA SuperNOVA 1000w G3
Software	Windows 10 Pro x64

System Name	Skunkworks
Processor	5800x3d
Motherboard	x570 unify
Cooling	Noctua NH-U12A
Memory	32GB 3600 mhz
Video Card(s)	asrock 6800xt challenger D
Storage	Sabarent rocket 4.0 2TB, MX 500 2TB
Display(s)	Asus 1440p144 27"
Case	Old arse cooler master 932
Power Supply	Corsair 1200w platinum
Mouse	squeak
Keyboard	Some old office thing
Software	openSUSE tumbleweed/Mint 21.2