View Single Post
Old February 16th 18, 03:20 PM posted to alt.comp.periphs.mainboard.gigabyte
external usenet poster
Posts: 1,467
Default Meltdown, Spectre

Richard Fonfara wrote:

does anyone know, if the motherboard GA-H77-D3H Rev. 1.0 will get
updates against Meltdown and Spectre?

There are various issues.

1) At a guess, your Ivy Bridge is about six months outside
the Intel patch window.

2) Then, we don't know how many motherboards Gigabyte
is willing to patch and re-release. They can't release a
BIOS unless they test it (each and every one).

3) Everyone in the industry should be doing testing
before release. I'm not convinced *any* of the companies
have the necessary test facilities. (It means keeping old
computers around, in large test rooms. It takes a lot of space
to have representative samples.)

In addition:

4) The BIOS patch doesn't cover every exploit.

5) Microcode loaders exist in the BIOS (what the BIOS
patch is about). Microcode loaders also exist in Windows
and Linux. Ubuntu received the Jan.8 microcode for its
boot loader, because I observed it loading the new version
for my Ivy Bridge E.

6) Microsoft has said it isn't going to put this patch in
its microcode loader, even though it's been patching processors
this way for years.

7) The normal purpose of microcode patches is "CPU functional patching".
Meaning if a part of a CPU design has a bug, they patch it
with microcode. But the issue at hand is a security bug,
not a functional bug. And there is also no mechanism for
"gating" patches or being selective about what gets patched.
The system has worked to date, in an "all or nothing" manner,
with Microsoft trusting Intel not to foul up.

If you don't get a patch, you're not missing anything.

The Jan.8 microcode was retracted by Intel, it's been removed
from the Ubuntu I tested on. And since Microsoft never released
it (updated the equivalent of microcode.dat in the OS), Microsoft
didn't have to retract anything (how clever...).

People with Haswell and Broadwell processors, who did install
the BIOS patch, were treated to "frequently rebooting computers".
So they would have had to back out those BIOS flashes.

You have plenty of time to sit and wait, while these
large companies fumble the ball. Buy yourself some
popcorn and enjoy the show. And don't be in a rush.

It could easily be June, before we have the foggiest
idea "what the new plan is".