This message was posted on behalf of Intel Corporation
intellicious: Thank you very much for contacting the Intel® Processor communities. We will be more than glad to provide the information you are looking for.
In regard to your inquiry, a full list of Intel products impacted by this issue, along with other important details can be found here:
Any further questions, please let me know.
I do not work for Intel, but I will hazard a guess. Intel never released Windows 10 drivers for Sandy Bridge and related graphics, though Microsoft did take some Ivy Bridge drivers and massage them to create something close. Unfortunately I think Intel will repeat history and release Meltdown updates for Ivy Bridge and newer, leaving owners of Sandy Bridge out in the cold.
Intel is *very* strict when it comes to security issues. You can bet that microcode updates are being developed (if not already completed) for 2nd generation (Sandy Bridge) and perhaps even older processors - and Intel will, as they always do, deliver these updates to the O/S vendors for incorporation. Of course, it is still better (IMHO) to have the microcode updates installed by a BIOS...
However, that brings up a related problem. When I build/rebuild a Windows system, I look very closely at updates ostensibly for Intel hardware offered by Windows Update. I hide the one for ME -- due to your advice, thank you very much -- and instead use ones downloaded from Intel. But as you know, Microsoft has been offering spurious updates for older hardware, mainly pre-8 chipsets, that either cause trouble or don't do anything. I hope Intel offers the updates on its website, because I'm not sure I would accept them through Windows Update. If they're packaged in a Windows security update, there will be no problem.
1 of 1 people found this helpful
The whole situation is a big mess. Many people believe, "thanks" to clueless articles in IT media, that applying OS patches only is enough to mitigate the vulnerabilities. If Microsoft/Intel rely on hw vendors to push the CPU microcode update via BIOS updates, we will end up with tons of vulnerable machines because typical user don't know how and why to do it, moreover the process is risky because you can brick device that is out of warranty. Hardware vendors usually don't care about older devices support, so they won't bother with BIOS updates.
The only solution is that Microsoft delivers the updated CPU microcode via Windows (7, 8.1 and 10) Update and Intel should push Microsoft hard to do that. Hardware vendors aren't reliable there at all.
I wish I could help--but I have this problem too--and an Intel motherboard (MB)--bought & built by me--not a company, So only releasing the updates to companies will not do me any good, even if my Intel products were still supported.
DQ77MK MB (S/N BTMK249005UU) with a Gen 3--- i7-3770 @3.4ghz running W7 Pro all bought in feb of 2013--not even 5 years old!
In my case, the MB has available updates the Intel® Management Engine firmware 188.8.131.5208 dated 5/26/2017 and this is the very last update ever for this MB!
It also has Intel® Management Engine (Intel® ME) version 184.108.40.2066 driver dated 10/14/2013.
Also--Intel in their Security center post, implies only Gen 3 and higher will be updated to 220.127.116.1102 and higher--scroll down 2/3's.
Intel's Detection Tool found my system is Vulnerable.
After chatting with Intel support yesterday regarding the above 2 updates ME Driver and ME Firmware--the bottom line is:
"support---Thank you, this is a not supported product, it seems the firmware is independent of the operating system. Normally the firmware is updated before updating drivers. However I cannot guaranty it will work. Again, this product is not supported.4:19:09 PM
Me ---so--if I understand correctly--there is no ME fix for my board???4:20:37 PM
support--It is out of interactive support. I provided the last options we have for you. I recommend you to get a new system.4:21:49 PM"
So it appears--the ONLY way to protect my system is to load up with the best Malware and Firewall software, or replace the guts with newer updated gear.
Perhaps as some have suggested--Intel will not forget those of us who have invested in their products and apply a fix before the hackers figure out the path in--it won't be long I fear!
I received a fix from MS to Win 10 pro. it slows down my computer significantly. I attached results. Software used for testing was PerformanceTest 64 bit by Passmark. Hardware is Lenovo Thinkpad T440s model 20ARS04W00. First test was right before installing update. Next 3 after update. I could not first believe my eyes. But you can see results...
So Intel says that affect is not noticed by average user. That simply is not true.
Everybody who uses his/her computer every day like I do, will see (and pay) for the difference ;-(
PerfRes1.gif 173.0 K
- Install the Microsoft Windows 10 OS Kernel Patch:
Windows 10 Build (1607) KB4056890
Windows 10 Build (1703) KB4056891
Windows 10 Build (1709) KB4056892
- Flash your motherboard / computer with the manufacturers latest BIOS (still in the works)
- Install your motherboard / computer manufacturers latest Chipset driver (still in the works) Intel Management Engine 11.8 or newer corrects the issue
And if you're still worried about your computers security, Google "Intel Management Engine backdoor".
Dear Intel, it is becoming even more messy Reading Privileged Memory with a Side Channel
Quote from Lenovo: Withdrawn CPU Microcode Updates: Intel provides to Lenovo the CPU microcode updates required to address Variant 2, which Lenovo then incorporates into BIOS/UEFI firmware. Intel recently notified Lenovo of quality issues in two of these microcode updates, and concerns about one more. These are marked in the product tables with “Earlier update X withdrawn by Intel” and a footnote reference to one of the following:
This message was posted on behalf of Intel Corporation1 of 1 people found this helpful
Hello to everyone: We just wanted to inform that currently we are working and doing further research on this subject, as soon as I get any updates I will post all the details on this thread.
Any questions, please let me know.