• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Intel Releases "Spectre" Hardening Microcode Updates for "Ivy Bridge" thru "Westmere" Architectures

btarunr

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,675 (7.43/day)
Location
Dublin, Ireland
System Specs
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard Gigabyte B550 AORUS Elite V2
Cooling DeepCool Gammax L240 V2
Memory 2x 16GB DDR4-3200
Video Card(s) Galax RTX 4070 Ti EX
Storage Samsung 990 1TB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Intel today released the latest round of CPU micro-code updates for its processors, which expand support for Intel processor microarchitectures ranging all the way back to 1st generation Core "Westmere," and "Lynnfield," and including "Sandy Bridge" and "Ivy Bridge" along the way, at various stages of roll-out (beta, pre-production, and production). This update probably features hardening against "Spectre" variant 4, and perhaps even RSRR (rogue system register read) variant 3A, chronicled in CVE-2018-3640.



View at TechPowerUp Main Site
 
First were Bloomfield/Gainestown, only then die shrinks - Westmere/Gulftown.
 
Perf impact how much??
 
"back to 1st generation Core "Westmere," and "Lynnfield,"

Ferrum Master said:
First were Bloomfield/Gainestown, only then die shrinks - Westmere/Gulftown.
Click to expand...
It doesn't say all First Gen.
 
I actually just finished uninstalling the Spectre microcode update from Microsoft (KB4100347). FIgured out it was causing some constant stuttering on The Witcher 3 and Fortnite (i5 2500) on some very specific areas of the games. It affected these two games only, as far as I know.
 
ExV6k said:
I actually just finished uninstalling the Spectre microcode update from Microsoft (KB4100347). FIgured out it was causing some constant stuttering on The Witcher 3 and Fortnite (i5 2500) on some very specific areas of the games. It affected these two games only, as far as I know.
Click to expand...

You know spectre can be exploited as well by simply following a website?

I wonder after all the patches from Intel, how much real performance is left compared to AMD hardware.

For enterprise these patches impact some serious numbers.
 
ExV6k said:
I actually just finished uninstalling the Spectre microcode update from Microsoft (KB4100347). FIgured out it was causing some constant stuttering on The Witcher 3 and Fortnite (i5 2500) on some very specific areas of the games. It affected these two games only, as far as I know.
Click to expand...
I'm glad your games run better, no need to worry about being a host for the virus and passing it to countless others that think the mitigation is a waste of time …. :rolleyes:
 
Caring1 said:
I'm glad your games run better, no need to worry about being a host for the virus and passing it to countless others that think the mitigation is a waste of time …. :rolleyes:
Click to expand...

Are you really confusing vaccination with a microcode update ? What are you even talking about ?
I am stil waiting to hear about actual real world application of these "flaws". So far its all nerds complaining about bios updates.
 
Caring1 said:
I'm glad your games run better, no need to worry about being a host for the virus and passing it to countless others that think the mitigation is a waste of time …. :rolleyes:
Click to expand...
Nice try, troll. Except Spectre is nothing like a virus, it doesn't "spread" out. Do your homework.
 
mad1394 said:
Are you really confusing vaccination with a microcode update ? What are you even talking about ?
I am stil waiting to hear about actual real world application of these "flaws". So far its all nerds complaining about bios updates.
Click to expand...
Pretty sure at the end of all that waiting there will be the invariable pointing of fingers at anything but yourself. And I've seen this 1000 times.

Then again people have been known to save their credentials on internet cafe computers because it was too much of a bother to enter them 2-3 times. Why would a stuttering game be any different?

But you're right, this should not be confused with vaccination. That's a whole different ballgame with different stakes.
 
Low quality post by dogsbody
Caring1 said:
I'm glad your games run better, no need to worry about being a host for the virus and passing it to countless others that think the mitigation is a waste of time …. :rolleyes:
Click to expand...
Forums should employ some kind of IQ test as an additional entry barrier. A minimum score of 60 should be the requirement to confine the likes of you outside.
 
My PC still has Ivy Bridge CPU in it. I am not going to "upgrade" to this, mainly because noone else but my wife has physical access to my PC, so Spectre and friends can bite my shiny metal ass, and also because I don't need to lower performance. Not on relatively old system at least.
 
I was worried after Haswell microcode update, that my mobo manufacturer will not release updated BIOS. I was right, but after submitting a feedback form on a product page (Asus Z97M-PLUS) with serial number of the motherboard, I received email with BIOS binary with updated microcode.

Only bad thing that they didn't updated official BIOS on the product page. So please, bombard you mobo manufacturer with requests for updated BIOS.

Screen-Shot-2018-07-02-at-14.59.16.png
 
Low quality post by Caring1
dogsbody said:
Forums should employ some kind of IQ test as an additional entry barrier. A minimum score of 60 should be the requirement to confine the likes of you outside.
Click to expand...
This forum should have a filter to weed out trolls such as yourself, only your 2nd post and nothing about the topic. Reported!
Even your "system specs" is trolling.
 
Static~Charge said:
Spectre is not a virus, nor is it a host for viruses:

https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
https://meltdownattack.com/
https://www.csoonline.com/article/3...hat-they-are-how-they-work-whats-at-risk.html

Get your facts straight. :shadedshu:
Click to expand...

Thanks.

Sadly, as much as I agree with one of the low quality posts about us needing to filter better, an IQ test would kill us (I mean, have you ever taken one?), and is biased to certain groups besides... What we are doing now is fine.
 
I've taken one (admittedly in around 1983) and I'd pass the low quality post's criteria based on it. ;)
 
nemesis.ie said:
I've taken one (admittedly in around 1983) and I'd pass the low quality post's criteria based on it. ;)
Click to expand...

So,

Can you honestly say you'd take another one, just to post here?

I'll answer for you (and keep in mind I love it here):

Fuck no.
 
No, not at all. That was kind of my point, I've had no interest in over 30 years of doing it again and only did it as it was a free program bundled with a ZX Spectrum or something.

It also doesn't test any kind of practical knowledge. "Common sense is unfortunately not very common" comes to mind. :)
 
I know that it was proven that spectre was a valid exploit but, the simple fact on how it works makes it really hard to actually use for malicious intent. Exposing 1,400 to 2,000 bytes a second (unmitigated,) bit by bit and not all at once, only makes it useful if you know where something is and know that it's not changing or being moved somewhere else. On top of that, the machine also has to be compromised and it needs to be in a sufficiently low level language to exploit how the instructions get compiled, so basically C is your only real option. You also need to know exactly where the data you want is. There have been proof of concepts showing how restricted memory can be accessed but, have there been any proof on concepts actually trying to get secure data rather than bytes set by the developer in the PoC environment? Memory tends to change in an active system quite a bit. Pages get moved, swapped out and in, and actively changed by whatever is going on. Where and when are two very huge factors when trying to exploit spectre.

So, this exploit has been known for a while now, right? Has any malicious software actually been identified as trying to use this exploit and being successful at it? Is it even feasible? I know it can be done but, is it realistic?
 
Static~Charge said:
Spectre is not a virus, nor is it a host for viruses:

https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
https://meltdownattack.com/
https://www.csoonline.com/article/3...hat-they-are-how-they-work-whats-at-risk.html

Get your facts straight. :shadedshu:
Click to expand...
Pedantic aren't WE!
Virus may have been the wrong term (semantics) but the fact remains (IF) stolen data is used that contains usernames/ passwords etc, it can be used to gain control of systems.
If an IQ test were implemented, quite a few members should fail based on their lack of ability to read between the lines and lack of lateral thinking.
 
Nice of Intel to do this, now I could get my old 1156 platforms a rejuvenation.
 
ExV6k said:
Except Spectre is nothing like a virus, it doesn't "spread" out.
Click to expand...
I agree, anyway you could have used inspectre application which enables you to disable spectre patch whenever you wish and re-enable it when using the internet or doing other stuff.
 
Caring1 said:
If an IQ test were implemented, quite a few members should fail based on their lack of ability to read between the lines and lack of lateral thinking.
Click to expand...

We'd also probably have about 2 users and I for one wouldn't be one of them.
 
IQ tests test your ability to take IQ tests, in my experience.
 
You must log in or register to reply here.
Back
Top