cancel
Showing results for 
Search instead for 
Did you mean: 

SPECTRE and MELTDOWN: Bug rocks Intel / ARM CPUs

segfaulted
Level 7
Kinda glad I bought AMD this round. For those who don't know there is a new bug affecting just about every SKU from Intel made in the last .. ohh.. _DECADE_ or so. It's actually worse then F00F or FDIV. Only mitigation appears to castrate the CPU upward of 30%! (depending on processes).

Can Asus confirm AMD and more importantly for me, this or any AMD motherboard are not affected? If so, will there be RMAs?

Fun fact, Intel's CEO dumped stock back in November before they started issuing gags on people from even talking about it.

*****ASUS advisory page(may get updated): https://www.asus.com/News/V5urzYAT6myCC1o2 ******
787 Views
701 REPLIES 701

restsugavan wrote:
Absolutely yes , at least your system has fully protected and free from Spectre and ME Firmware vulnerables.
Shame on my Rampage VI Extreme there are no updates for the most expensive x299 mobo ever made.*
We will get money refund to support EVGA products soon.*


I don’t have evga, i have asus x99 strix and till now no bios 1901.
*According to*arestavo 😘http://www.overclock.net/t/1601679/broadwell-e-thread/7440
You can check his post and check evga website.
**

karserasl wrote:
User interaction? Access locally? LOOOOOOLL!

https://repl.it/repls/DeliriousGreenOxpecker

Check it out if you didnt patch your BIOS. Its a small test reading your WHOLE chrome session from memory. (OK not whole session, its a test. It will output "The Magic Words are Squeamish Ossifrage." from memory vertically)

So that means, you went to bank account and login, and then just came across this small js, which could be ANYWHERE, in ads, in iframes anywhere, and your bank account is stolen.

Tell me again how small is this problem.


As far as I understand that Oxpecker script sight runs on a cloud server not your local machine. So all your checking is that their server is not patched. I compiled it on my machine locally and windows defender blocks it before it can even run. I have to disable the virus protection in order to run it.

https://www.wilderssecurity.com/threads/kernel-memory-leaking-intel-processor-design-flaw-forces-lin...

I did find this web based checker and it says my browser is not vulnerable. I guess it does say it there might be other ways to exploit the bug etc.

https://xlab.tencent.com/special/spectre/spectre_check.html

MSI has released BIOS update from Z370 boards all the way to X99 boards: https://www.msi.com/news/detail/OkG5SUMDBqXU6aat7V7mjK19PeY9USryNqafkIcVX9KrTL9kD4wPpTAxIJCC2sBeYjNf...

Unfortunately, MSI doesn't support their Z87 and Z97 boards.

So any word on the x99-Deluxe series of boards?

I see other x99 board are getting updates.

Margus wrote:
asus told its 5 years old and no updates planned anymore witch is bad thinking for sutch issue.


Can you please elaborate? Did you contact them directly and was told this by official Asus support? Where are you getting this information? Thanks.

If the above post is true.

I think it's amazing there are so many people with z97 boards in here trying to solve this problem themselves and still Asus doesn't see there is any reason to do anything for us...:mad:

I'm using an i7-920 on the Rampage III Formula. This is an older motherboard with an X58 chipset.

The system itself is still quite capable of playing modern games. It is certainly more than enough to browse the internet or do MS Office for kids in school.

From post #161, we know Intel has provided the microcode fix for A LOT of legacy processors, including the i7-920.

So, I'm going to be forced to buy a new system, paying new system pricing, only to have it gimped because all Intel CPUs are vulnerable at this moment.

If I buy a new motherboard, new RAM, new processor, etc. then I am glad I have choices.

ASUS, you WILL lose a long time customer if there is no BIOS update for my Rampage III Formula motherboard to fix this stupid Intel BS.

TrevorK wrote:
I'm using an i7-920 on the Rampage III Formula. This is an older motherboard with an X58 chipset.

The system itself is still quite capable of playing modern games. It is certainly more than enough to browse the internet or do MS Office for kids in school.

From post #161, we know Intel has provided the microcode fix for A LOT of legacy processors, including the i7-920.

So, I'm going to be forced to buy a new system, paying new system pricing, only to have it gimped because all Intel CPUs are vulnerable at this moment.

If I buy a new motherboard, new RAM, new processor, etc. then I am glad I have choices.

ASUS, you WILL lose a long time customer if there is no BIOS update for my Rampage III Formula motherboard to fix this stupid Intel BS.



Older CPU's are listed, but it doesn't seem to mean the same as we have gotten a new microcode. I unpacked the microcode.dat and there is only five CPU's that have received a new microcode update thus far in 2018 and there is fourteen that received a new microcode in november-descember 2017. So it seems to be a total of ninteen CPU's/CPUID's that have received a patched microcode thus far.

My i7-3960X and E3-1275v2 have microcodes dating all the way back to 2012 and 2013. So nothing new for them thus far and I'm not sure they will ever receive a fix.

AndyU wrote:
At first, thank you for the URL to the binary2ascii microcode converter!

Two questions:

1) Did you try to restart computer? MIcrocode could survive during this process.
2) Do you have registry keys (https://support.microsoft.com/en-ca/help/4072698/windows-server-guidance-to-protect-against-the-spec...), which explicitly enable MS update?
3) Could you please show the output of Get-SpeculativeControlSettings?


I also used the new latest linux module that intel came out with and the microcode was a newer version than what I got out of the debian build.

1)So far when I restart the computer the driver updates the CPU microcode and I check it with the SIW tool.

2) I tried to update the registry keys and that didn't seem to help.

3)

PS C:\script\SpeculationControl> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: False

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: True [not required for security]

Suggested actions

* Follow the guidance for enabling Windows Client support for speculation control mitigations described in https://support.microsoft.com/help/4073119


BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True

firefox2026 wrote:
I also used the new latest linux module that intel came out with and the microcode was a newer version than what I got out of the debian build.

1)So far when I restart the computer the driver updates the CPU microcode and I check it with the SIW tool.

2) I tried to update the registry keys and that didn't seem to help.

3)

PS C:\script\SpeculationControl> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: False

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: True [not required for security]

Suggested actions

* Follow the guidance for enabling Windows Client support for speculation control mitigations described in https://support.microsoft.com/help/4073119


BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True


This is due to the driver not being present at boot, thus before hand-off, the older microcode is still present whilst the OS is loading. Best thing to do is to wait for the UEFI update.
9800X3D / 6400 CAS32 / ROG X870 Crosshair / TUF RTX 4090