Spectre and meltdown - firmware/UEFI update

I'm surprised nobody posted this already...
Since the failure of all CPU manufacturer cannot be mitigated only by software patches, firmware and/or BIOS/UEFI have to be updated.
This was acknowledged by many manufacturer, and partially by MSI in their official english forum (still no proper PR statement):
https://forum-en.msi.com/index.php?topic=297707.msg1677217#msg1677217
and:
https://forum-en.msi.com/index.php?topic=297753.0
https://forum-en.msi.com/index.php?topic=297707.50

Since we already know how to mod BIOS/UEFI, is there a way to manually patch our laptops ?
I own a GT72 2QE and I'm pretty sure that MSI will screw up as usual and not release anything for a 3 year old high end laptop so I went to try by myself.

 

There are KB updates for all Windows OS.
https://support.malwarebytes.com/docs/DOC-2297

 

Windows patches do not cover Spectre CPU design flaw holes...
Only firmware and/or UEFI/BIOS update can solve this issue, which the responsibility of Intel, amd, arm and oem.

 

If manufacturers are going to release BIOS patches, it's going to be limited to the products that were made within the past 3 years based on a product's lifetime.
For example, ASUS has released patches for their recent motherboards so far.
https://www.asus.com/News/V5urzYAT6myCC1o2

It's very likely to be a microcode update so it should be moddable.
- Update to latest Intel microcode 0x23.

 

Yes I believe so... Just hoping that Haswell will be updated for my GT72, otherwise will try by myself. As you mentioned it's just a microcode update mitigating the flaw.

 

i think that msi do make bios for security product . stop

 

I have a GE62-2QE with i7-4720HQ (Haswell) and 965m. Will be curious to see if those older models get the microcode/BIOS updates.

 

They should since these machines aren't that old when compared to Sandy Bridge or Ivy Bridge.

 

I can confirm that recieve Bios update because Spectre CPU...two days ago....
My laptop is GT72VR-7RE.

 

Its a desktop but MSI just sent out the Bios update for mine today. It's dated as 12/26 though.

 

uCode fix for Spectre, HT bug fix and Meltdown
http://forum.notebookreview.com/thr...-fix-and-meltdown.806451/page-4#post-10662550

That thread's been around since the Intel HT microcode update situation, still ongoing, and now updated to add the new microcode fixes, I sure hope they work...

It's not clear if simply loading in the OS a new microcode overlay fixes or activates the protections - @cesvicmor doesn't think so - but vendor BIOS updates are coming through and the test scripts / apps are showing success.

More info here too:

CPU Vulnerabilities, Meltdown and Spectre, Kernel Page Table Isolation Patches, and more
http://forum.notebookreview.com/thr...patches-and-more.812424/page-48#post-10662593

 

Need BIOS update
Need OS update
Need virus definition update

 

Yes I saw these topics. But at the time of my posting, the first one was not updated for Spectre Meltdown.
Moreover, the Vmware driver is loaded at boot after kernel and thus, is not a proper mitigation as is a real microcode update via Bios update, but it's better than nothing cause exploit needs to happen before this driver is loaded (at least that's my understanding).

 

Do the tests run and show success when using the vmware driver microcode application?

 

For my system (laptop MSI GT72 2QE, i7 4710MQ, Haswell), only partly, windows is not activating mitigation measure since he detects that the hardware is not using proper microcode...

As per: https://www.win-raid.com/t3351f47-Microcodes-for-branch-target-injection.html#msg46070
"It depends on the CPU. My IB-E has no HW support for mitigation against BTI, but new microcode brings that HW support, and it happens that Windows kernel is loaded before VMware driver and it sees that there is no HW support and disables the mitigation. Only after I patched the BIOS file and flashed it Windows enabled the mitigation. So if your CPU has HW support for BTI mitigation (with current microcode) then you can use VMware driver."

 

Would you be so kind as to reply to @cesvicmor in the other thread? I think they would appreciate the additional details in that thread too.

 

I asked MSI Tech Support about the possibility of a GP60 2QF bios update and they said that:
'We are currently working on this with MS&Intel.
And we will release the update in the [future].'

I hope Tech Support is informed fully of MSI's plans.

 

Hi this is my first post, i too own a GT72 2QE, and on Wednesday this week my wife used it for the 1st time after Christmas and it updated . Turned it off until Friday and it wouldn't post past the MSI screen, but i stumbled upon a work around

the full story is here,

https://forum-en.msi.com/index.php?topic=298281.0


but for some reason i cant access the msi forums as it says my password is wrong no matter if i change it or not.

Now for the kicker i went on today and uninstalled the update for spectre and disabled the windows update function. It now starts every time with out fail. So if any of you 2QE guys run into this, try getting rid of the update.

but it means that we NEED a bios update from MSI, if any off you are a member of the MSI forums and can log it can you update the post, so hopefully someone at MSI will see it

 

The MSI forums bug happens like every other day.
It's a bug.
Sometimes it says your password is wrong.
Sometimes it says the capitcha is wrong.
In those cases, you just have to wait....