01-02-2018 11:05 PM - last edited 3 weeks ago by ROGBot
01-19-2018 12:01 PM
Arne Saknussemm wrote:
Intel update yesterday....makes clear the microcode updates are flawed and it is still in BETA testing of microcode updates...but you should update anyway...
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
"Intel has made significant progress in our investigation into the customer reboot sightings that we confirmed publicly last week
Intel has reproduced these issues internally and has developed a test method that allows us to do so in a predictable manner
Initial sightings were reported on Broadwell and Haswell based platforms in some configurations. During due diligence we determined that similar behavior occurs on other products including Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake based platforms in some configurations
We are working toward root cause
While our root cause analysis continues, we will start making beta microcode updates available to OEMs, Cloud service providers, system manufacturers and Software vendors next week for internal evaluation purposes
In all cases, the existing and any new beta microcode updates continue to provide protection against the exploit (CVE-2017-5715) also known as “Spectre Variant 2”
Variants 1 (Spectre) and Variant 3 (Meltdown) continue to be mitigated through system software changes from operating system and virtual machine vendors
As we gather feedback from our customers we will continue to provide updates that improve upon performance and usability
Intel recommendations to OEMs, Cloud service providers, system manufacturers and software vendors
Intel recommends that these partners maintain availability of existing microcode updates already released to end users. Intel does not recommend pulling back any updates already made available to end users
NEW - Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations
NEW - We further recommend that OEMs, Cloud service providers, system manufacturers and software vendors begin evaluation of Intel beta microcode update releases in anticipation of definitive root cause and subsequent production releases suitable for end users"
01-18-2018 08:05 AM
01-18-2018 03:35 PM
wootwoots wrote:
So, any news for Z97 MB ?
01-18-2018 02:07 PM
01-19-2018 05:31 AM
Antony-rog wrote:
One thing I do not understand is if there is a security issue, practically every system sold, how come some say it's best to leave it as it is, others say it should be remedied, but it will hurt a lot (performance), and already is there any new BIOS / Firmware versions for some product lines that, like Intel if it has been published, affects almost all processes or sold?
Another thing, is there a possibility of system crash when trying to exploit this vulnerability?
Remember the world ransomware attack? There are probably already teams trying to hone that attack using these new vulnerabilities.
There is also the problem of banking transactions, stocks, virtual currencies and cryptocurrencies. A nightmare.
I have four systems, all more then two years old in production. I have one system with an ROG Maximus IV Formula and a ROG GL552VW from Asus, those are on Intel, others on AMD, actually, one Dell on Intel as well.
The laptop is banking only and there isn't even a schedule for them on the site.
Really interesting fact about Brian Krzanich!
01-19-2018 06:43 AM
01-19-2018 12:51 PM
ritchiedrama wrote:
Is there a bios update for spectre yet with the ASUS Maximus Hero x? Nothing on the website and I've read through the forums a fair bit, can't see anything, maybe I'm blind?
01-19-2018 01:44 PM
01-18-2018 04:27 PM