cancel
Showing results for 
Search instead for 
Did you mean: 

SPECTRE and MELTDOWN: Bug rocks Intel / ARM CPUs

segfaulted
Level 7
Kinda glad I bought AMD this round. For those who don't know there is a new bug affecting just about every SKU from Intel made in the last .. ohh.. _DECADE_ or so. It's actually worse then F00F or FDIV. Only mitigation appears to castrate the CPU upward of 30%! (depending on processes).

Can Asus confirm AMD and more importantly for me, this or any AMD motherboard are not affected? If so, will there be RMAs?

Fun fact, Intel's CEO dumped stock back in November before they started issuing gags on people from even talking about it.

*****ASUS advisory page(may get updated): https://www.asus.com/News/V5urzYAT6myCC1o2 ******
766 Views
701 REPLIES 701

Good afternoon,

I have a Maximus Gene VIII motherboard, can someone please specify when will a fix for the Spectre exploit will be out?
https://www.asus.com/News/V5urzYAT6myCC1o2 <- This is unprofessional Maximus Gene VIII is allready at 3504.

Powershell:
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True


Speculation control settings for CVE-2017-5754 [rogue data cache load]


Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: True [not required for security]


Suggested actions


* Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.




BTIHardwarePresent : False
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : True
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True

geneo wrote:
I got 9% drop.


Out of interest...which score in particular, if any, got hit the hardest?

@mscaf Since ASUS will not update our z97 MB, I editet the BIOS adding the new Intel's CPU microcode v23.
@gneo That's true. After applying the patch, the system got a bit slower. I got some WHEA errors. This is just horrible and unacceptable. I will rollback and flash the previous BIOS again, waiting for the next (and better) microcode update.

AikonCWD wrote:
@mscaf Since ASUS will not update our z97 MB, I editet the BIOS adding the new Intel's CPU microcode v23.
@gneo That's true. After applying the patch, the system got a bit slower. I got some WHEA errors. This is just horrible and unacceptable. I will rollback and flash the previous BIOS again, waiting for the next (and better) microcode update.


Well, your best bet is to wait for ASUS to release the official stable BIOS like me which is going to take 2 months I doubt. I also doubt ASUS teams are searching around the warehouse right now for Z97, and X99 boards.

AikonCWD wrote:
@mscaf Since ASUS will not update our z97 MB, I editet the BIOS adding the new Intel's CPU microcode v23.


I have a Z97-A mobo. Any chance you could share how I can update the microcode for it mitigate Spectre? Currently on Z97-A-ASUS-2801 BIOS.

trafsta wrote:
I have a Z97-A mobo. Any chance you could share how I can update the microcode for it mitigate Spectre? Currently on Z97-A-ASUS-2801 BIOS.

Are you asking how to update a BIOS? Which should be obvious. So ,either the question is too basic or to complex for me to understand... 😄

sizeof(void) wrote:
Are you asking how to update a BIOS? Which should be obvious. So ,either the question is too basic or to complex for me to understand... 😄


lol 🙂 The Z97-A is not on Asus' "officially-to-be-updated" list of mobo's. But this user has manually injected the new microcode update from Intel into his Z97 Gaming Edition BIOS file using the previously released BIOS firmware. I have done this sort of thing in the past (like a decade ago lol), so I'm hoping it's not too complicated and that this user could share how he did it for other Z97-A users such as myself.

Eventually Asus might decide to officially release a Z97-A BIOS upgrade to mitigate Spectre... but I am not holding my breath

trafsta wrote:
lol 🙂 The Z97-A is not on Asus' "officially-to-be-updated" list of mobo's. But this user has manually injected the new microcode update from Intel into his Z97 Gaming Edition BIOS file using the previously released BIOS firmware. I have done this sort of thing in the past (like a decade ago lol), so I'm hoping it's not too complicated and that this user could share how he did it for other Z97-A users such as myself.

Eventually Asus might decide to officially release a Z97-A BIOS upgrade to mitigate Spectre... but I am not holding my breath


That is, there is no official way to update our Z97 mobo's. Also ASUS said that they will only update BIOS for mobo's using CPU of 6th, 7th and 8th gen. Our mobo is for 4th gen CPU's, so we won't get any official update from ASUS.

Knowing this, I can use the last official BIOS and inyect the new CPU microcode. It's a bit hard to explain because I'm not an english user and I think it will be a bit hard to me explaining this on english. Anyway... wait. The current Intel's CPU microcode v23 (Haswell, for my i7-4790k) is currently buggy. We need to wait for another update from Intel.

If you wanna need more info on how to edit the official BIOS, I used this:

Repository of Intel's CPU microcode updates: https://downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File (curent file 1-8-18 is buggy)
Tool to extract latest Intel microcode for bios modding: https://www.wimsbios.com/forum/bios-utilities-flash-programs-f36/tool-extract-latest-intel-microcode...
Python tool to convert BIN microcode into DAT microcodes: https://gist.github.com/aikoncwd/4e6596fdc244b1cdbfd19e3f4558ee68 (to perfom integrity checks)
Database to know the CPUID of your current CPU: http://www.cpu-world.com/cgi-bin/CPUID.pl
A tool to edit BIOS and inyect microcodes: https://www.win-raid.com/t154f16-Tool-Guide-News-quot-UEFI-BIOS-Updater-quot-UBU.html
A tool called AFUDOS to writte the modded BIOS, bypassing ASUS integrity check: https://ami.com/en/resources/resource-library/?product=Aptio%20V&productid=15&type=related

AikonCWD wrote:
That is, there is no official way to update our Z97 mobo's. Also ASUS said that they will only update BIOS for mobo's using CPU of 6th, 7th and 8th gen. Our mobo is for 4th gen CPU's, so we won't get any official update from ASUS.

Knowing this, I can use the last official BIOS and inyect the new CPU microcode. It's a bit hard to explain because I'm not an english user and I think it will be a bit hard to me explaining this on english. Anyway... wait. The current Intel's CPU microcode v23 (Haswell, for my i7-4790k) is currently buggy. We need to wait for another update from Intel.

If you wanna need more info on how to edit the official BIOS, I used this:

Repository of Intel's CPU microcode updates: https://downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File (curent file 1-8-18 is buggy)
Tool to extract latest Intel microcode for bios modding: https://www.wimsbios.com/forum/bios-utilities-flash-programs-f36/tool-extract-latest-intel-microcode...
Python tool to convert BIN microcode into DAT microcodes: https://gist.github.com/aikoncwd/4e6596fdc244b1cdbfd19e3f4558ee68 (to perfom integrity checks)
Database to know the CPUID of your current CPU: http://www.cpu-world.com/cgi-bin/CPUID.pl
A tool to edit BIOS and inyect microcodes: https://www.win-raid.com/t154f16-Tool-Guide-News-quot-UEFI-BIOS-Updater-quot-UBU.html
A tool called AFUDOS to writte the modded BIOS, bypassing ASUS integrity check: https://ami.com/en/resources/resource-library/?product=Aptio%20V&productid=15&type=related


I'm sure someone will come up with a step by step on here and if not on Fernando's site once we get microcode from intel that is more stable and doesn't impact as much.
Panteks Enthoo Elite / Asus x299 Rampage VI Extreme / Intel I9-7900X / Corsair Dominator RGB 3200MHz

MSI GTX 1080 TI / 2x Intel 900p / Samsung 970 Pro 512GB

Samsung 850 PRO 512GB / Western Digital Gold 8TB HD

Corsair AX 1200i / Corsair Platinum K95 / Asus Chakram

Acer XB321HK 4k, IPS, G-sync Monitor / Water Cooled / Asus G571JT Laptop

SumTingWong wrote:
Computer cannot get infected without user interactions, am I right? So as Intel said, attacker need to access your OS locally, so this is not an airborne attack. It require you to access a malicious site or an email attachment or whatever able to deliver the payload, and run the malicious application in order to exploits Meltdown and Spectre vulnerability. But that doesn't mean we shouldn't patch it before it too late. Microsoft already done their part on Meltdown, and Intel vows that at the end of January all CPU been produced the last 5 years will be patch. However, Intel doesn't tell us how this will be distribute, but Intel did mentioned that they are working with motherboard vendor to push out the firmware to consumers. To put it simply understanding, we have to wait for the motherboard vendors to push them out because Intel have no control on it.


User interaction? Access locally? LOOOOOOLL!

https://repl.it/repls/DeliriousGreenOxpecker

Check it out if you didnt patch your BIOS. Its a small test reading your WHOLE chrome session from memory. (OK not whole session, its a test. It will output "The Magic Words are Squeamish Ossifrage." from memory vertically)

So that means, you went to bank account and login, and then just came across this small js, which could be ANYWHERE, in ads, in iframes anywhere, and your bank account is stolen.

Tell me again how small is this problem.