1 2 Previous Next 26 Replies Latest reply on Feb 16, 2018 4:55 PM by Taalgaardenier

    Spectre and meltdown attacks affected cpus

    intellicious

      Is there any official statement to see what cpus are affected by those attacks?

      I'm interested more in Intel pentium g3248, g4560, Q6600 are those affected by both meltdown and spectre?

      Is there any intel cpu not affected at all by those 2 attacks?

        • 1. Re: Spectre and meltdown attacks affected cpus
          Intel Corporation
          This message was posted on behalf of Intel Corporation

          : Thank you very much for contacting the Intel® Processor communities. We will be more than glad to provide the information you are looking for.
           
          In regard to your inquiry, a full list of Intel products impacted by this issue, along with other important details can be found here:
          https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
           
          Any further questions, please let me know.
           
          Regards,
          Alberto R
           

          • 2. Re: Spectre and meltdown attacks affected cpus
            puppy

            Is Intel going to provide CPU microcode security update for 2nd Gen Sandy Bridge CPUs? Hardware vendors like Lenovo will not provide BIOS updates for 2nd Gen CPU devices so the microcode update would have been delivered by Microsoft via Windows Update. Will this happen?

             

            Thanks.

            • 3. Re: Spectre and meltdown attacks affected cpus
              paramountain

              I do not work for Intel, but I will hazard a guess. Intel never released Windows 10 drivers for Sandy Bridge and related graphics, though Microsoft did take some Ivy Bridge drivers and massage them to create something close. Unfortunately I think Intel will repeat history and release Meltdown updates for Ivy Bridge and newer, leaving owners of Sandy Bridge out in the cold.

              • 4. Re: Spectre and meltdown attacks affected cpus
                N.Scott.Pearson

                Intel is *very* strict when it comes to security issues. You can bet that microcode updates are being developed (if not already completed) for 2nd generation (Sandy Bridge) and perhaps even older processors - and Intel will, as they always do, deliver these updates to the O/S vendors for incorporation. Of course, it is still better (IMHO) to have the microcode updates installed by a BIOS...

                 

                ...S

                • 5. Re: Spectre and meltdown attacks affected cpus
                  marcoian

                  I have a motherboard Intel:

                  Board model: DG41WV

                   

                  Board Version: AAE90316-104

                   

                  Bios version: WVG4110H.86A.0015.2010.1111.1718

                   

                  Where can I find the patch to solve the meltdown and spectre attack?

                   

                  Thank in advance for your answer

                   

                  Regards

                  • 6. Re: Spectre and meltdown attacks affected cpus
                    paramountain

                    However, that brings up a related problem. When I build/rebuild a Windows system, I look very closely at updates ostensibly for Intel hardware offered by Windows Update. I hide the one for ME -- due to your advice, thank you very much -- and instead use ones downloaded from Intel. But as you know, Microsoft has been offering spurious updates for older hardware, mainly pre-8 chipsets, that either cause trouble or don't do anything. I hope Intel offers the updates on its website, because I'm not sure I would accept them through Windows Update. If they're packaged in a Windows security update, there will be no problem.

                    • 7. Re: Spectre and meltdown attacks affected cpus
                      puppy

                      The whole situation is a big mess. Many people believe, "thanks" to clueless articles in IT media, that applying OS patches only is enough to mitigate the vulnerabilities. If Microsoft/Intel rely on hw vendors to push the CPU microcode update via BIOS updates, we will end up with tons of vulnerable machines because typical user don't know how and why to do it, moreover the process is risky because you can brick device that is out of warranty. Hardware vendors usually don't care about older devices support, so they won't bother with BIOS updates.

                       

                      The only solution is that Microsoft delivers the updated CPU microcode via Windows (7, 8.1 and 10) Update and Intel should push Microsoft hard to do that. Hardware vendors aren't reliable there at all.

                      1 of 1 people found this helpful
                      • 8. Re: Spectre and meltdown attacks affected cpus
                        rondi

                        I wish I could help--but I have this problem too--and an Intel motherboard (MB)--bought & built by me--not a company, So only releasing the updates to companies will not do me any good, even if my Intel products were still supported.

                        DQ77MK MB (S/N BTMK249005UU) with a Gen 3--- i7-3770 @3.4ghz running W7 Pro all bought in feb of 2013--not even 5 years old!

                        In my case, the MB has available updates the Intel® Management Engine firmware 8.1.71.3608  dated 5/26/2017 and this is the very last update ever for this MB!

                        Download Intel® Management Engine Firmware 8.x Update for Intel® Desktop Board DB75EN, DQ77KB, DQ77CP, and DQ77MK

                        It also has Intel® Management Engine (Intel® ME) version 8.1.40.1416 driver dated 10/14/2013.

                        Download Intel® Management Engine Driver (5M) for 7 Series Chipset-Based Intel® Desktop Boards

                        Also--Intel in their Security center post, implies only Gen 3 and higher will be updated to 8.1.72.3002 and higher--scroll down 2/3's.

                        Intel® Product Security Center

                         

                        Intel's Detection Tool found my system is Vulnerable.

                        After chatting with Intel support yesterday regarding the above 2 updates ME Driver and ME Firmware--the bottom line is:

                        "support---Thank you, this is a not supported product, it seems the firmware is independent of the operating system. Normally the firmware is updated before updating drivers. However I cannot guaranty it will work. Again, this product is not supported.4:19:09 PM

                        Me ---so--if I understand correctly--there is no ME fix for my board???4:20:37 PM

                        support--It is out of interactive support. I provided the last options we have for you. I recommend you to get a new system.4:21:49 PM"

                         

                        So it appears--the ONLY way to protect my system is to load up with the best Malware and Firewall software, or replace the guts with newer updated gear.

                        Perhaps as some have suggested--Intel will not forget those of us who have invested in their products and apply a fix before the hackers figure out the path in--it won't be long I fear!

                        Ron

                        • 9. Re: Spectre and meltdown attacks affected cpus
                          chandras002

                          Well said. I agree. Can not depend on Hardware vendors.. particularly for normal home users unlike corporate /company who is PAID support.

                          1 of 2 people found this helpful
                          • 10. Re: Spectre and meltdown attacks affected cpus
                            Jampe

                            I received a fix from MS to Win 10 pro. it slows down my computer significantly. I attached results. Software used for testing was PerformanceTest 64 bit by Passmark. Hardware is Lenovo Thinkpad T440s model 20ARS04W00. First test was right before installing update. Next 3 after update. I could not first believe my eyes. But you can see results...

                             

                            So Intel says that affect is not noticed by average user. That simply is not true.

                            Everybody who uses his/her computer every day like I do, will see (and pay) for the difference ;-(

                            • 11. Re: Spectre and meltdown attacks affected cpus
                              savedinhi2018
                              • Install the Microsoft Windows 10 OS Kernel Patch:

                                     Windows 10 Build (1607) KB4056890

                                     Windows 10 Build (1703) KB4056891

                                     Windows 10 Build (1709) KB4056892

                               

                              • Flash your motherboard / computer with the manufacturers latest BIOS (still in the works)
                              • Install your motherboard / computer manufacturers latest Chipset driver (still in the works) Intel Management Engine 11.8 or newer corrects the issue

                               

                              And if you're still worried about your computers security, Google "Intel Management Engine backdoor".

                              https://it.slashdot.org/comments.pl?sid=10717233&cid=54579757

                              • 12. Re: Spectre and meltdown attacks affected cpus
                                puppy

                                Dear Intel, it is becoming even more messy Reading Privileged Memory with a Side Channel

                                 

                                Quote from Lenovo: Withdrawn CPU Microcode Updates: Intel provides to Lenovo the CPU microcode updates required to address Variant 2, which Lenovo then incorporates into BIOS/UEFI firmware. Intel recently notified Lenovo of quality issues in two of these microcode updates, and concerns about one more. These are marked in the product tables with “Earlier update X withdrawn by Intel” and a footnote reference to one of the following:

                                • 13. Re: Spectre and meltdown attacks affected cpus
                                  Intel Corporation
                                  This message was posted on behalf of Intel Corporation

                                  Hello to everyone: We just wanted to inform that currently we are working and doing further research on this subject, as soon as I get any updates I will post all the details on this thread.

                                  Any questions, please let me know.

                                  Regards,
                                  Alberto R 

                                  1 of 1 people found this helpful
                                  • 14. Re: Spectre and meltdown attacks affected cpus
                                    pgr

                                    Five years?  What about the Conroes I use daily, with Linux (not a distro, from scratch)?  They use speculative execution so are presumably just as vulnerable.  I see some microcode updates are available for Conroes, but do they fix the Spectre bug?

                                    1 2 Previous Next