Did I update my ME firmware right? Zombieload, etc...

Joined
Feb 2, 2019
Messages
118 (0.45/day)
Processor Intel Core i5-9600k
Motherboard ASUS Maximus Hero XI Wi-Fi
Cooling Corsair H100i v2
Memory Crucial Ballistix Sport LT 2666MHz 2x8GB
Video Card(s) EVGA RTX 2070 XC Ultra
Storage Crucial BX500 240GB, Samsung EVO 860 1TB
Case Thermaltake Versa H34
Power Supply BitFenix Whisper M 750w
Mouse ASUS Cerberus
Keyboard ASUS Cerberus
Software Windows 10
Hi, I have an i5-9600k. I updated my ASUS Hero XI WiFi BIOS to the last revision (1005), I installed the last cumulative update from Microsoft, and I think I installed the latest firmware and drivers for the Management Engine. Can you tell me if I'm good to go (except for the microcode, which is not released yet)?

Here's my ME info:


BIOS Version 1005
MEBx Version 0.0.0.0000
GbE Version 0.5
Descriptor Version 1.0
Vendor ID 8086
FW Version 12.0.35.1427 H Consumer
LMS Version 1846.12.0.1173
MEI Driver Version 1912.12.0.1247

And here's my PowerShell script of the patch status:


Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: False

Speculation control settings for CVE-2018-3639 [speculative store bypass]

Hardware is vulnerable to speculative store bypass: True
Hardware support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is enabled system-wide: True

Speculation control settings for CVE-2018-3620 [L1 terminal fault]

Hardware is vulnerable to L1 terminal fault: False

Speculation control settings for MDS [microarchitectural data sampling]

Windows OS support for MDS mitigation is present: True
Hardware is vulnerable to MDS: True
Windows OS support for MDS mitigation is enabled: False

BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
BTIKernelRetpolineEnabled : False
BTIKernelImportOptimizationEnabled : False
KVAShadowRequired : False
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False
SSBDWindowsSupportPresent : True
SSBDHardwareVulnerable : True
SSBDHardwarePresent : True
SSBDWindowsSupportEnabledSystemWide : True
L1TFHardwareVulnerable : False
L1TFWindowsSupportPresent : True
L1TFWindowsSupportEnabled : False
L1TFInvalidPteBit : 0
L1DFlushSupported : True
MDSWindowsSupportPresent : True
MDSHardwareVulnerable : True
MDSWindowsSupportEnabled : False

I hope someone reads this and tells me if I did everything right (except the microcode update, which is not released yet by Intel). Thanks!
 
Joined
Aug 20, 2007
Messages
11,647 (2.62/day)
System Name Pioneer
Processor Intel i9 9900k @ Stock
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ DDR4-3400 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) USB Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Translucent Keycaps
Software Windows 10 x64 Enterprise... yes, it's legit.
The management engine is not related to the MDS vulnerabilities. Updating it doesn't do much except provide them with fixes for bugs in it and possibly, older security breaches (there haven't been any reported for a while, 1 year at least).

You want to update your CPU microcode. The best thing to do is wait for a bios update from your motherboard manufacturer.
 
Joined
Feb 2, 2019
> The management engine is not related to the MDS vulnerabilities. Updating it doesn't do much except provide them with fixes for bugs in it and possibly, older security breaches (there haven't been any reported for a while, 1 year at least).
>
> You want to update your CPU microcode. The best thing to do is wait for a bios update from your motherboard manufacturer.

Hi, and thanks for your answer. On the ASUS website for my motherboard, you have a download in the BIOS section for the ME and it says this:

Version 12.0.35.1427
2019/05/14

MEUpdateTool
Intel has identified security issue that could potentially place impacted platform at risk.
Use ME Update tool to update your ME.
*We suggest you update ME Driver to the latest Version 12.0.35.1427 simultaneously.
 
Joined
Aug 20, 2007
That's a (late) patch / response to the last ME vulnerability I am aware of.

You've done everything you can for now.
 
Joined
Feb 2, 2019
> That's a (late) patch / response to the last ME vulnerability I am aware of.
>
> You've done everything you can for now.

I'll wait for the microcode update. Same as you. I see you have a 9900k. Thanks!!!
 
Joined
Aug 20, 2007
> I'll wait for the microcode update. Same as you. I see you have a 9900k. Thanks!!!

No prob. I'm pretty on top of this stuff and you are doing everything right so far. Fortunately no in the wild exploits have been detected yet, because firmware updates may take a tad bit.
 
Joined
May 4, 2012
Messages
968 (0.35/day)
Location
Ireland
System Name SilentIO
Processor AMD Ryzen 5 2600X
Motherboard Asus TUF B450M-Pro Gaming
Cooling Corsair H60
Memory 2x8GB Corsair Vengeance LP @3400 CL16
Video Card(s) MSI GTX 1070 Gaming
Storage 2x Samsung 840 EVO 120GB in Raid0, Samsung 960 PRO 1TB
Display(s) Qnix QX2710 Evolution II Matte 27 @120Hz
Case Cooler Master Silencio 352
Audio Device(s) SoundBlaster e5 + Kingston HyperX Cloud II / Logitech Z333 + Blue Snowball
Power Supply Corsair CX500M
Mouse Corsair Scimitar
Keyboard Corsair K65
Software Windows 10 Pro x64, Xubuntu 19.04
Hang on, so CPUs without hyperthreading are affected as well?
 
Joined
Aug 20, 2007
> Hang on, so CPUs without hyperthreading are affected as well?

Yes. It's tougher to exploit there (which is why Intel tells unmitigated users to turn it off) but you certainly can exploit it there too if local code is run with enough time to work.
 
Joined
Feb 2, 2019

Attachments

Joined
Aug 20, 2007
MDS tools confuses me too. That's about where I am minus MDS and I supposedly know what I'm doing.

I wouldn't fret it.
 
Joined
Feb 2, 2019
> MDS tools confuses me too. That's about where I am minus MDS and I supposedly know what I'm doing.
>
> I wouldn't fret it.

Are we in the same situation? Same vulnerabilities shown in the mdstool?

EDIT: Direct and indirect branches and speculative store bypass are MDS vulnerabilities too?
 
Joined
Aug 20, 2007
> Are we in the same situation? Same vulnerabilities shown in the mdstool?
>
> EDIT: Direct and indirect branches and speculative store bypass are MDS vulnerabilities too?

Pretty much, yes. I have more on L1TF vulnerabilities but I'm guessing your chip is a different stepping that had that fixed.
 
Joined
Feb 2, 2019
> Pretty much, yes. I have more on L1TF vulnerabilities but I'm guessing your chip is a different stepping that had that fixed.

Then, with the microcode update, direct and indirect branch, spec store bypass and the micro-architectural data sampling should be fixed? I hope so!!
 
Joined
Aug 20, 2007
> Then, with the microcode update, direct and indirect branch, spec store bypass and the micro-architectural data sampling should be fixed? I hope so!!

Direct branching I'm not even sure what it is, possible it's some other vulnerability that isn't even worth fixing because it wasn't very exploitable. I think the MDS stuff should be fixed though, yes, when microcode finally gets out that covers everything. It may be this tool will still list it as vulnerable but with a "mitigation available" flag or something. Hard to say because I have yet to, well, see it.
 
Joined
Feb 2, 2019
> Direct branching I'm not even sure what it is, possible it's some other vulnerability that isn't even worth fixing because it wasn't very exploitable. I think the MDS stuff should be fixed though, yes, when microcode finally gets out that covers everything. It may be this tool will still list it as vulnerable but with a "mitigation available" flag or something. Hard to say because I have yet to, well, see it.

Full of vulnerabilities, f*ck, haha! Do Ryzen chips have vulnerabilities too or are they just safe?
 
Joined
Aug 20, 2007
> Full of vulnerabilities, f*ck, haha! Do Ryzen chips have vulnerabilities too or are they just safe?

Spectre class vulnerabilities affect them but they are largely patched/mitigated by now.

I would not say they are safer, just less researched. But the truth is these vulnerabilities are way less scary than the media makes them out to be. Stick to best practices when browsing the web and there isn't much they can reasonably do (yet).
 
Joined
Feb 2, 2019
> Spectre class vulnerabilities affect them but they are largely patched/mitigated by now.
>
> I would not say they are safer, just less researched. But the truth is these vulnerabilities are way less scary than the media makes them out to be. Stick to best practices when browsing the web and there isn't much they can reasonably do (yet).

Ok, thanks! You were very helpful. Others just ignore me, ha! Let's wait for the BIOS update and that is it. Have a good night/day!

EDIT: I'll come back to you when the microcode is released.
 
Joined
Feb 2, 2019
> Spectre class vulnerabilities affect them but they are largely patched/mitigated by now.
>
> I would not say they are safer, just less researched. But the truth is these vulnerabilities are way less scary than the media makes them out to be. Stick to best practices when browsing the web and there isn't much they can reasonably do (yet).

Hi, man! How are you?? I updated to Windows 10 build 1903 and I updated the microcode via Windows Update. The thing is, these values changed from false (secure) to true (vulnerable):

BTIKernelImportOptimizationEnabled: True
KVAShadowRequired: True
KVAShadowWindowsSupportEnabled: True
KVAShadowPcidEnabled: True
L1TFHardwareVulnerable: True

How can I be secure again? How can I "turn" them into false again?
 
Joined
Aug 20, 2007
> Hi, man! How are you?? I updated to Windows 10 build 1903 and I updated the microcode via Windows Update. The thing is, these values changed from false (secure) to true (vulnerable):
>
> BTIKernelImportOptimizationEnabled: True
> KVAShadowRequired: True
> KVAShadowWindowsSupportEnabled: True
> KVAShadowPcidEnabled: True
> L1TFHardwareVulnerable: True
>
> How can I be secure again? How can I "turn" them into false again?

I have been trying to interpret the MDS tool for some time. It's confusing, how it marks things. I've just about got it figured out but the short version for you is that it is just telling you those above mitigations were turned on by Windows. They won't affect your security.

The exception being L1TFHardwareVulnerable. I initially was immune to this but at some point a build update made me claim vulnerable as well. Fortunately mitigations for that vulnerability are already in Windows and I can only assume an MDSTool update changed how they detect it.

tl;dr: MDSTool is confusing, and they really need to make it more readable. If you post a screenshot I can confirm that you are as up to date as me, which I'd say is "secure."
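
The reading described in the post above, as an added example that is not part of the thread and not code from Microsoft's module: a Python script that takes a pasted property list and separates flags saying the CPU needs a mitigation from flags saying a mitigation or optimization is switched on. `FIRST_POST` and `LATER_POST` are the values posted in this thread; the `CHECKS` grouping, the role names and the verdict strings are assumptions made for this example from the property names.

```python
import re

# Property list copied from the first post in the thread, pasted as text.
FIRST_POST = """
BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
BTIKernelRetpolineEnabled : False
BTIKernelImportOptimizationEnabled : False
KVAShadowRequired : False
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False
SSBDWindowsSupportPresent : True
SSBDHardwareVulnerable : True
SSBDHardwarePresent : True
SSBDWindowsSupportEnabledSystemWide : True
L1TFHardwareVulnerable : False
L1TFWindowsSupportPresent : True
L1TFWindowsSupportEnabled : False
L1TFInvalidPteBit : 0
L1DFlushSupported : True
MDSWindowsSupportPresent : True
MDSHardwareVulnerable : True
MDSWindowsSupportEnabled : False
"""
# The five values from the later post; the other properties were not posted.
LATER_POST = """
BTIKernelImportOptimizationEnabled: True
KVAShadowRequired: True
KVAShadowWindowsSupportEnabled: True
KVAShadowPcidEnabled: True
L1TFHardwareVulnerable: True
"""
# Assumed grouping: issue -> (exposure flag or None, flags needed for "mitigated").
CHECKS = {
    "BTI": (None, ["BTIHardwarePresent", "BTIWindowsSupportEnabled"]),
    "KVAShadow": ("KVAShadowRequired", ["KVAShadowWindowsSupportEnabled"]),
    "SSBD": ("SSBDHardwareVulnerable",
             ["SSBDHardwarePresent", "SSBDWindowsSupportEnabledSystemWide"]),
    "L1TF": ("L1TFHardwareVulnerable", ["L1TFWindowsSupportEnabled"]),
    "MDS": ("MDSHardwareVulnerable", ["MDSWindowsSupportEnabled"]),
}

def parse(text):
    """Turn 'Name : Value' lines into a dict; True/False become booleans."""
    pairs = re.findall(r"^[ \t]*(\w+)[ \t]*:[ \t]*(\S+)[ \t]*$", text, re.M)
    return {k: {"True": True, "False": False}.get(v, v) for k, v in pairs}

def role(name):
    """Classify a property so that a True value is read the right way round."""
    if name.endswith("HardwareVulnerable") or name == "KVAShadowRequired":
        return "exposure"         # True: this CPU needs the mitigation
    if any(word in name for word in ("Optimization", "Retpoline", "Pcid")):
        return "optimization"     # performance feature for a mitigation
    if "DisabledBy" in name:
        return "disabled-reason"  # True: a mitigation is switched off
    if "Enabled" in name:
        return "mitigation-on"    # True: Windows has the mitigation active
    return "capability" if name.endswith(("Present", "Supported")) else "other"

def status(settings):
    """Verdict per issue: not needed / mitigated / NOT mitigated / unknown."""
    verdict = {}
    for issue, (exposure, needed) in CHECKS.items():
        if exposure and settings.get(exposure) is False:
            verdict[issue] = "not needed"
        elif any(n not in settings for n in needed + [exposure] if n):
            verdict[issue] = "unknown"  # partial paste: do not guess
        else:
            ok = all(settings[n] is True for n in needed)
            verdict[issue] = "mitigated" if ok else "NOT mitigated"
    return verdict

if __name__ == "__main__":
    for text in (FIRST_POST, LATER_POST):
        settings = parse(text)
        print(status(settings), {n: role(n) for n in settings})
```

On the first post's values the only open item is MDS. On the five later values the L1TF verdict stays unknown, because the matching `L1TFWindowsSupportEnabled` value was not posted.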
 
Joined
Apr 1, 2019
Messages
206 (1.01/day)
Processor 3700x @ 4.3
Motherboard Crosshair 7 hero
Cooling Kraken X62
Memory 16GB Trident-Z 3200
Video Card(s) EVGA RTX2080 XC Ultra
Storage Samsung 960 evo 500gb NVME
Display(s) ASUS ROG Swift PG348Q
Case NZXT H500
Audio Device(s) Phillips SHP 9500s.....Audio Technica AT 2035 microphone.....Scarlett 2i2 audio interface.
Power Supply EVGA 850W Supernova G2
Mouse Model O
Keyboard Corsair K65
Software Windows 10
You have a better chance of being struck by lightning....3 times in a row, than being affected by any of these "exploits".
 
Joined
Aug 20, 2007
Just made this. See this infographic. May help understand the tool. Taken from my 9900k on 1903.

GuideToMDSTool.png


> You have a better chance of being struck by lightning....3 times in a row, than being affected by any of these "exploits".

MDS is more dangerous than past ones. This is a dangerous mindset given its abilities, and we are trying to help users who want to stay secure here, not parrot misinformation. Just because we haven't seen in the wild exploits yet is no reason to try to avoid security. Thanks.
 
Joined
Feb 2, 2019
> I have been trying to interpret the MDS tool for some time. It's confusing, how it marks things. I've just about got it figured out but the short version for you is that it is just telling you those above mitigations were turned on by Windows. They won't affect your security.
>
> The exception being L1TFHardwareVulnerable. I initially was immune to this but at some point a build update made me claim vulnerable as well. Fortunately mitigations for that vulnerability are already in Windows and I can only assume an MDSTool update changed how they detect it.
>
> tl;dr: MDSTool is confusing, and they really need to make it more readable. If you post a screenshot I can confirm that you are as up to date as me, which I'd say is "secure."

> You have a better chance of being struck by lightning....3 times in a row, than being affected by any of these "exploits".

Thanks both of you. Now I'm getting another issue. A BSOD: critical structure corruption. It happened twice since I installed Build 1903. What can it be?
 
Joined
Aug 20, 2007
> Thanks both of you. Now I'm getting another issue. A BSOD: critical structure corruption. It happened twice since I installed Build 1903. What can it be?

That's an interesting one. It doesn't sound like an exploit related issue though. I'd take that to a separate thread as it could be anything from a bad overclock, unstable ram/ram profile, to an OS upgrade gone bad.

The users here will be happy to help you in a separate topic, though!
 