Intel Finally Ready With Security Microcode Updates for Broadwell, Haswell

[lexluthermiester]

I don't know that they are that hard to exploit given example toolkits are in the wild, frankly.

There are several requirements that have to be met in order for an exploit to work. Either direct physical access to subject system, or direct remote access. Trojan's will work but have to be constructed and configured very carefully. And that is just for starters. While these things are possible, they are very improbable. If someone is using a good computing ethic and methodology the chances are minimal at best of a directed attack succeeding.

 

[R-T-B]

There are several requirements that have to be met in order for an exploit to work. Either direct physical access to subject system, or direct remote access. Trojan's will work but have to be constructed and configured very carefully. And that is just for starters. While these things are possible, they are very improbable. If someone is using a good computing ethic and methodology the chances are minimal at best of a directed attack succeeding.

I'm assuming a compromised system ("malware-laden" if you will) true so it probably isn't much to worry about for the average TPU user.

 

[_JP_]

I'm more talking about my motherboard maker than the actual microde update... last time i updated a bios for x299 from MSI all of my system fan headers stopped being able to control PWM fans.

Bios updates in general for me have become "do it only if broken, or if there is extra performance". I like to give them like 2-3 revisions before i update.

I understand you, had that kind of experience with ASRock. I have more of a problem with vague release notes...or the absense of them.

 

[TheMailMan78]

Didn't AMD fix this with a BIOs update?

 

[_JP_]

I haven't checked the AGESA 1.1.0.1 release notes if Spectre was addressed.

 

[som]

¿Qué pasa "Flanagan"...?. ¿Por qué no me admites mis opiniones...?. ¿No te gustan...?:
¡QUE NO SIRVE LA ACTUALIZACIÓN DE INTEL NADA MÁS QUE PARA "FASTIDIAR" EL PC. pierde 10% de recursos y se nota al entrar en el escritorio, en la pantalla de bienvenida.
NO ACTUALIZAR Update Haswell CPU Microcode to revision 24 and Broadwell CPU Microcode to revision 1D. Negativo. "CHAPUZAS" de INTEL.

 

[Vlada011]

Can someone explain me how to avoid patches.
I finally fix audio problems with Win10_x64_1709.
Installed only Chipset drivers before Security Bug is exposed. Now I want to know what to do to avoid auto updates of Security patches.
Maybe someone to write name of Windows Update who is connected with that.

 

[Upgrayedd]

Can someone explain me how to avoid patches.
I finally fix audio problems with Win10_x64_1709.
Installed only Chipset drivers before Security Bug is exposed. Now I want to know what to do to avoid auto updates of Security patches.
Maybe someone to write name of Windows Update who is connected with that.

I could be really wrong here... I think only the Pro version of Win10 lets you stop all updates. For regular windows though I think you just uninstall them after they install themselves and just flag it to not install again.. pretty sure that's what I did, it has been a while, someone will explain this better no doubt.

 

[windwhirl]

¿Qué pasa "Flanagan"...?. ¿Por qué no me admites mis opiniones...?. ¿No te gustan...?:
¡QUE NO SIRVE LA ACTUALIZACIÓN DE INTEL NADA MÁS QUE PARA "FASTIDIAR" EL PC. pierde 10% de recursos y se nota al entrar en el escritorio, en la pantalla de bienvenida.
NO ACTUALIZAR Update Haswell CPU Microcode to revision 24 and Broadwell CPU Microcode to revision 1D. Negativo. "CHAPUZAS" de INTEL.

Reviviste un thread que no tenía actividad desde hace más de un mes... y por cierto, seguro que este era el thread correcto? O incluso el foro correcto...? Casi nadie habla español por aquí...

Can someone explain me how to avoid patches.
I finally fix audio problems with Win10_x64_1709.
Installed only Chipset drivers before Security Bug is exposed. Now I want to know what to do to avoid auto updates of Security patches.
Maybe someone to write name of Windows Update who is connected with that.

To avoid Windows 10 security updates, you'd have to disconnect the system from the Internet, permanently. Windows 10 updates are cumulative and all in one, meaning you get security patches, bug-fixing patches and everything else in only one update, and everything gets installed.

I could be really wrong here... I think only the Pro version of Win10 lets you stop all updates. For regular windows though I think you just uninstall them after they install themselves and just flag it to not install again.. pretty sure that's what I did, it has been a while, someone will explain this better no doubt.

Windows 7 allows you to do that, flagging updates so that they don't get installed. Windows 10 Home just installs everything, the Pro version allows you to choose the Business Branch (now they call it the Semi-Annual Channel), which avoids getting the big feature upgrades (for example, from the Creators Update to the Fall Creators Update), for at least 4 months. Also, the Pro edition can pause updates for up to 35 days.

However, being that the Meltdown/Spectre patch is considered a security update, even if it is also a microcode update, it may be impossible to avoid it without stopping all other updates.

 

[rtwjunkie]

I could be really wrong here... I think only the Pro version of Win10 lets you stop all updates. For regular windows though I think you just uninstall them after they install themselves and just flag it to not install again.. pretty sure that's what I did, it has been a while, someone will explain this better no doubt.

Reviviste un thread que no tenía actividad desde hace más de un mes... y por cierto, seguro que este era el thread correcto? O incluso el foro correcto...? Casi nadie habla español por aquí...



To avoid Windows 10 security updates, you'd have to disconnect the system from the Internet, permanently. Windows 10 updates are cumulative and all in one, meaning you get security patches, bug-fixing patches and everything else in only one update, and everything gets installed.



Windows 7 allows you to do that, flagging updates so that they don't get installed. Windows 10 Home just installs everything, the Pro version allows you to choose the Business Branch (now they call it the Semi-Annual Channel), which avoids getting the big feature upgrades (for example, from the Creators Update to the Fall Creators Update), for at least 4 months. Also, the Pro edition can pause updates for up to 35 days.

However, being that the Meltdown/Spectre patch is considered a security update, even if it is also a microcode update, it may be impossible to avoid it without stopping all other updates.

The Windows Update Mini-Tool (see @Mussels signature for link) allows you to selectively install and/or hide certain updates.

As to delaying the major new versions (although not forever) then you need W10 pro.

 

[lexluthermiester]

you'd have to disconnect the system from the Internet

Incorrect. You need only disable the "BITS" service and the windows update services in the computer management control panel. When/if you wish to update again, re-enable them both and let it update. When finished, disable them again. This method allows the user to completely control when/if updates happen.