• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Intel Microcode Boot Loader

Joined
Aug 20, 2007
Messages
20,627 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Because you are changing the boot with a russian-developed tool.

I mean, I've looked at the script files in UBU and hex output from UBU and it does what it says and nothing more. There is no reason to fear that tool solely for being Russian. It utilizes UEFITool and AMITool for the injections (which are both made in the west if you're a rusophobe) and there is absolutely nothing nefarious there.

Being afraid of something because a russian made it is silly. Anyone can make bad software. You should be critisizing people for using any tool without a reputable coder or (better) a source audit, not for using a "scary russian" tool. That tool is at least open in that it's literally a batch script wrapper for other open source utilities. It can be audited. It has been (by my person, at minimum). It is harmless.

If you want to know something scary, it's that the forum you have to download it from (win-raid) seems to be using a reversible hash on passwords, and other bad practices.
 
Last edited:

Ludwig von Ay

New Member
Joined
Dec 8, 2018
Messages
10 (0.01/day)
Stored on the pendrive, and the database will be updated time to time.
Thank you Regeneration.

I created the pendrive, modified BIOS setup and booted from the stick. Before Windows I could see some text, but it was too fast to read. A small logfile on the pendrive would be nice, containing the last bootloader screen. Or "press any key to continue...". Maybe the latter could be switched on/off in a config file on the stick?

Regards, LvA
 

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
13,147 (2.97/day)
Location
Concord, NH, USA
System Name Apollo
Processor Intel Core i9 9880H
Motherboard Some proprietary Apple thing.
Memory 64GB DDR4-2667
Video Card(s) AMD Radeon Pro 5600M, 8GB HBM2
Storage 1TB Apple NVMe, 4TB External
Display(s) Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case MacBook Pro (16", 2019)
Audio Device(s) AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply 96w Power Adapter
Mouse Logitech MX Master 3
Keyboard Logitech G915, GL Clicky
Software MacOS 12.1
Out of curiosity, is there a problem with the microcode that ships with most OS' people run? I mean my P9X79 Deluxe doesn't have these updates, but it doesn't have to if newer firmware is loaded the moment that the OS starts. So, I guess I don't really get the point of a tool like this. It's not also like there are all of these spectre exploits we need to protect ourselves from. This kind of feels like snake oil.
 
Joined
Aug 20, 2007
Messages
20,627 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Out of curiosity, is there a problem with the microcode that ships with most OS' people run?

Yes. Spectre primarily. MS doesn't put out code for x58.
 

Honest Abe

New Member
Joined
Dec 5, 2018
Messages
14 (0.01/day)
Out of curiosity, is there a problem with the microcode that ships with most OS' people run? I mean my P9X79 Deluxe doesn't have these updates, but it doesn't have to if newer firmware is loaded the moment that the OS starts. So, I guess I don't really get the point of a tool like this. It's not also like there are all of these spectre exploits we need to protect ourselves from. This kind of feels like snake oil.
I'm not sure why anyone with a gaming pc would bother since it just will likely slow you down for no reason since the chance of anyone actaully using these exploits against some random gamer is like 00.1% Like any hacker cares about your "sensitive" files.
 

Regeneration

NGOHQ.COM
Joined
Oct 26, 2005
Messages
3,072 (0.46/day)
Out of curiosity, is there a problem with the microcode that ships with most OS' people run? I mean my P9X79 Deluxe doesn't have these updates, but it doesn't have to if newer firmware is loaded the moment that the OS starts. So, I guess I don't really get the point of a tool like this. It's not also like there are all of these spectre exploits we need to protect ourselves from. This kind of feels like snake oil.

Microcode is a firmware for the CPU. It corrects HW bugs (erratas) and security vulnerabilities. It is embedded with the BIOS/UEFI.

Linux automatically updates the microcode during boot.

Windows doesn't update the microcode unless Microsoft issues a patch for your CPU.

So far, Microsoft released an update for Windows 10 and Sandy Bridge and newer.
 

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
13,147 (2.97/day)
Location
Concord, NH, USA
System Name Apollo
Processor Intel Core i9 9880H
Motherboard Some proprietary Apple thing.
Memory 64GB DDR4-2667
Video Card(s) AMD Radeon Pro 5600M, 8GB HBM2
Storage 1TB Apple NVMe, 4TB External
Display(s) Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case MacBook Pro (16", 2019)
Audio Device(s) AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply 96w Power Adapter
Mouse Logitech MX Master 3
Keyboard Logitech G915, GL Clicky
Software MacOS 12.1
Microcode is a firmware for the CPU. It corrects HW bugs (erratas) and security vulnerabilities. It is embedded with the BIOS/UEFI.

Linux automatically updates the microcode during boot.

Windows doesn't update the microcode unless Microsoft issues a patch for your CPU.

So far, Microsoft released an update for Windows 10 and Sandy Bridge and newer.
So, if it's handled when the OS boots, why do I need this and why should I care?
 

Regeneration

NGOHQ.COM
Joined
Oct 26, 2005
Messages
3,072 (0.46/day)
So, if it's handled when the OS boots, why do I need this and why should I care?

It is not handled by all OSes and you should care for both stability and security reasons.

Best thing to do is to check from within the OS, the last microcode revision for your CPU is 0x714.
 
Joined
Aug 20, 2007
Messages
20,627 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Like any hacker cares about your "sensitive" files.

There are people who do care, since sensitive includes financial stuff. Spectre isn't really ideal for that, but that being said, that's not the point of this thread nor the topic.

So, if it's handled when the OS boots, why do I need this and why should I care?

X58 has microcode that MS doesn't handle.
 

Ludwig von Ay

New Member
Joined
Dec 8, 2018
Messages
10 (0.01/day)
I'm not sure why anyone with a gaming pc would bother since it just will likely slow you down ...
I'm not shure if you can imagine there are some people out there who don't waste their time gaming but use their pc for useful things... They won't care about some microseconds I think.
 

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
13,147 (2.97/day)
Location
Concord, NH, USA
System Name Apollo
Processor Intel Core i9 9880H
Motherboard Some proprietary Apple thing.
Memory 64GB DDR4-2667
Video Card(s) AMD Radeon Pro 5600M, 8GB HBM2
Storage 1TB Apple NVMe, 4TB External
Display(s) Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case MacBook Pro (16", 2019)
Audio Device(s) AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply 96w Power Adapter
Mouse Logitech MX Master 3
Keyboard Logitech G915, GL Clicky
Software MacOS 12.1
It is not handled by all OSes and you should care for both stability and security reasons.

Best thing to do is to check from within the OS, the last microcode revision for your CPU is 0x714.
First of all, none of these fixes have anything to do with stability. I personally stopped using Windows 10 a couple years ago, but even then I was still getting microcode updates and with Ubuntu it's a non-issue. Would you care to enlighten me which OS don't provide microcode updates, because at least Windows 10 does and Linux has for a very long time.
Code:
jdoane@Kratos:~$ cat /proc/cpuinfo | grep microcode | head -n1
microcode    : 0x714
X58 has microcode that MS doesn't handle.
...and are you surprised for a platform that's a decade old? Although I bet that Intel is probably still updating Linux firmware for those CPUs which means that Microsoft just doesn't want to ship them for one reason or another. Perhaps there is a reason for it beyond just being dated hardware?

All of this is fine and dandy, but none of this changes the fact that we still haven't seen a real situation where spectre has been used as a vector for attack. So why are we bending over backwards to close a hole that isn't even realistic to exploit to do something useful (or malicious)? I said this after I read the whitepaper for the proof-of-concept proving that spectre is indeed an exploit. It literally just managed to grab some information at a very slow rate and that any change in system state could actually change the data you're trying to read. As a software engineer, I would be extremely surprised if someone manages to use this exploit to do much of anything. It's part of the reason that I use these flags on boot:
Code:
pti=off spectre_v2=off l1tf=off nospec_store_bypass_disable no_stf_barrier
The reality is that unless you're planning on running a multi-tenant server, almost none of this stuff helps us and only serves to hurt performance. ...and even in the case where it could be useful, we don't even have a single use case where the exploit has been usefully exploited.

So, pardon my skepticism, but I think that a lot of these exploits coming up have been hyped up far more than they should have. The reality is that almost no one would notice the difference. Just saying.
They won't care about some microseconds I think.
It can be a lot more than microseconds and often is measurable in benchmarks beyond variation introduced by error and chaos.

Honestly, there was a lot of backlash for the performance hit of the latest "hardening" patches to the Linux kernel. So bad that it ended up getting yanked out of the kernel until it could be done in a way that doesn't cripple performance.
https://www.phoronix.com/scan.php?page=article&item=linux-420-stibp&num=1
 
Last edited:
Joined
Aug 20, 2007
Messages
20,627 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Would you care to enlighten me which OS don't provide microcode updates, because at least Windows 10 does and Linux has for a very long time.

Am I on your ignore list or something?

Sandy bridge is the cutoff date for MS updates. X58 is an example case.

EDIT:

and are you surprised for a platform that's a decade old?

No, but it IS a use case and you are wanting use cases presumably.

Glad to have caught this, indicates I was wrong about being ignored. Apologies.

Perhaps there is a reason for it beyond just being dated hardware?

Honestly, doubtful. I have an X58 server running it fine.


Your criticisms of Spectre as a bug are valid, however, doesn't this open you to the much worse meltdown situation?
 

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
13,147 (2.97/day)
Location
Concord, NH, USA
System Name Apollo
Processor Intel Core i9 9880H
Motherboard Some proprietary Apple thing.
Memory 64GB DDR4-2667
Video Card(s) AMD Radeon Pro 5600M, 8GB HBM2
Storage 1TB Apple NVMe, 4TB External
Display(s) Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case MacBook Pro (16", 2019)
Audio Device(s) AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply 96w Power Adapter
Mouse Logitech MX Master 3
Keyboard Logitech G915, GL Clicky
Software MacOS 12.1
Your criticisms of Spectre as a bug are valid, however, doesn't this open you to the much worse meltdown situation?
I trust the code running on my machine, so I don't feel that it's an important enough mitigation to keep turned on for my use case on this particular machine. This isn't a decision I would make for any machine but, in this case I feel it's okay for this machine. I might change my mind about that assessment should I start letting other people (like the family,) use this computer, but right now I'm the sole user and I make every decision as to its operation and what runs on it.

With that said, my criticism really is mainly restricted to spectre variant mitigations.
 
Joined
Dec 13, 2014
Messages
433 (0.13/day)
Processor AMD Phenom II X4 925
Motherboard Gigabyte GA-78LMT-USB3 R2
Memory 4 GB DDR3 1333Mhz
Audio Device(s) onboard Realtek ALC892
Power Supply Seasonic S12II 620w (SS-620GB)
Software Windows 10 Education x64 21H2
I wonder if OP's Intel Microcode Boot Loader includes the newer "spectre" fixes from Intel security bulletin SA-00115 (CVE-2018-3639 & CVE-2018-3640):
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

THAT'S the one that concerns me the most. if the boot loader software does not have updated microcode for INTEL-SA-00115, then I'll pass and just apply any bios update that includes the fixes for CVE-2018-3639 & CVE-2018-3640
 

Regeneration

NGOHQ.COM
Joined
Oct 26, 2005
Messages
3,072 (0.46/day)
I wonder if OP's Intel Microcode Boot Loader includes the newer "spectre" fixes from Intel security bulletin SA-00115 (CVE-2018-3639 & CVE-2018-3640):
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

THAT'S the one that concerns me the most. if the boot loader software does not have updated microcode for INTEL-SA-00115, then I'll pass and just apply any bios update that includes the fixes for CVE-2018-3639 & CVE-2018-3640

Yes, it includes the latest microcode from Intel, including Spectre variants 3a and 4, for qualified processors (see this list).
 
Joined
May 15, 2014
Messages
235 (0.07/day)
Sandy bridge is the cutoff date for MS updates. X58 is an example case.

That's not correct. NHM & WSM also get OS ucode updates.

Aside: I just had an interesting problem with an 1156 system with Win10 1809. Spectre mitigations would not enable with all Win10 patches in place. Even tried KB4465065. The problem was an incorrect BIOS ucode on an Acer/Emachines motherboard. The Clarkdale cpuid: 20655 had BIOS ucode rev14 dated 2010 which isn't possible. The latest for 20655 is 7, so on bootstrap the CPU didn't accept the latest OS rev6 (KB4465065=rev7) that enables Spectre mitigation. The solution was to edit the BIOS, delete the wrong ucode & patch to a correct 20655 revision. OS now loads newer patches correctly. This gives an interesting attack vector.
 
Joined
Aug 20, 2007
Messages
20,627 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
That's not correct. NHM & WSM also get OS ucode updates.

Not that I've seen. My brother runs an up to date X58 system. No ucode updates via MS to date.
 
Joined
Dec 13, 2014
Messages
433 (0.13/day)
Processor AMD Phenom II X4 925
Motherboard Gigabyte GA-78LMT-USB3 R2
Memory 4 GB DDR3 1333Mhz
Audio Device(s) onboard Realtek ALC892
Power Supply Seasonic S12II 620w (SS-620GB)
Software Windows 10 Education x64 21H2
Yes, it includes the latest microcode from Intel, including Spectre variants 3a and 4, for qualified processors (see this list).

ah that's good.

I got confused because Intel SA-00115 (CVE-2018-3639 & CVE-2018-3640) were not mentioned in your documentation (on your web site) and Readme files for the latest version your microcode boot loader software. you should add them
 

xerces8

New Member
Joined
May 19, 2019
Messages
4 (0.00/day)
Is this based on biosbits.org ?

And therefore does not work in UEFI mode?

UEFI is more and more common these days. My system runs on it...

Regards,
David
 

Regeneration

NGOHQ.COM
Joined
Oct 26, 2005
Messages
3,072 (0.46/day)
Is this based on biosbits.org ?

And therefore does not work in UEFI mode?

UEFI is more and more common these days. My system runs on it...

Regards,
David

Yes. Most UEFI systems still get updates from the manufacturer. And besides, you can always enable legacy booting.
 

xerces8

New Member
Joined
May 19, 2019
Messages
4 (0.00/day)
Most UEFI systems still get updates from the manufacturer.
Lenovo Yoga 500-14IBD released in early 2016 got the latest BIOS update in august 2016.
My Medion P530D from 2012 had the last update in ... 2012.

There are a lot of (UEFI) systems that get no updates.
 

Regeneration

NGOHQ.COM
Joined
Oct 26, 2005
Messages
3,072 (0.46/day)
Lenovo Yoga 500-14IBD released in early 2016 got the latest BIOS update in august 2016.
My Medion P530D from 2012 had the last update in ... 2012.

There are a lot of (UEFI) systems that get no updates.

You can still run it via CSM / legacy boot.
 

xerces8

New Member
Joined
May 19, 2019
Messages
4 (0.00/day)
Of course.
But:
- you have to reinstall the OS (in legacy mode)
- you lose SecureBoot
- you lose GPT (problem especially of the primary HDD is over 2TB)
 

Ludwig von Ay

New Member
Joined
Dec 8, 2018
Messages
10 (0.01/day)
Hi Regeneration,

nothing else changed? So we just have to copy the database files to the stick?

Regards, Ludwig
 
Top