What's new
  • Please do not post any links until you have 3 posts as they will automatically be rejected to prevent SPAM. Many words are also blocked due to being used in SPAM Messages. Thanks!

how many of you have udpated BIOS' on your personal PC's to fight Spectre & Meltdown?

Entz

Well-known member
Joined
Jul 17, 2011
Messages
1,878
Location
Kelowna
Most of my stuff is older and doesn't even have bios updates.

TBH I am not overly worried about it, it is a threat, but for the average home user I am not sure there really is a huge risk. If you got malware on your system your already screwed anyways. Now if I was running a cloud service where I am not in control of every VM that is a whole other story.
 

sswilson

Moderator
Staff member
Joined
Dec 9, 2006
Messages
24,613
Location
Moncton NB
Don't all spectre/meltdown attack vectors require physical access to the machine? (and no... while I have updated bios' since these were revealed, my reasoning has never been based on these security flaws)
 

sswilson

Moderator
Staff member
Joined
Dec 9, 2006
Messages
24,613
Location
Moncton NB
plus there is software to disable them so if the hit is too big you can get rid of those defense features

I don't believe the software you're thinking of is for disabling changes to bios.... pretty sure they're just for the OS "fixes".
 

JD

Moderator
Staff member
Joined
Jul 16, 2007
Messages
11,912
Location
Toronto, ON
Windows will do microcode updates on Intel processors I believe, so you'd also have to not use Windows Update, which I'd never advise of since that just puts you at even more risk.

I don't think the performance impacts are that noticeable for consumer usage. I think the impacts are really only observed on the virtualization side of things.

And generally speaking, the latest updates have minimized the lost performance from those mitigations.

Personally I've gone as far as updating the microcode myself in the BIOS of my gaming PC since ASUS showed no love for X99.
 

Vittra

Well-known member
Joined
Oct 30, 2009
Messages
1,237
Location
Ontario
Don't all spectre/meltdown attack vectors require physical access to the machine? (and no... while I have updated bios' since these were revealed, my reasoning has never been based on these security flaws)

Javascript proof of concepts have been released showing Spectre can be leveraged in web browsers, with mitigations since being applied by vendors.
 
Top