Jump to content


Photo

Intel's Spectre BIOS Fix Causes Crashes On Broadwell, Haswell Systems

Warning

  • Please log in to reply
4 replies to this topic

#1 SceptreCore

SceptreCore

    Guru

  • Atomican
  • 9,995 posts

Posted 17 January 2018 - 09:26 PM

Intel has issued a statement confirming that BIOS patches for the Spectre vulnerability are causing crashes on Broadwell and Haswell systems.

 

The company wants us to know that it’s sticking to its recent commitment to put security first by confirming that it’s investigating an issue with the CPU microcode updates it issued to its hardware partners. These updates are being distributed to users’ systems as BIOS updates, which are just beginning to roll out.

 

Intel said that customers have reported “higher system reboots” (crashes) after applying BIOS updates. So far, the issue only affects Broadwell (Core i3/5/7 5000 series on for mobile) and Haswell(Core i3/5/7 4000 series for desktop and mobile). Intel didn’t specifically say if Broadwell-E (Core i7 6000 series on desktop) are also affected. The issues have been reported in both data centers and regular user systems.

 

We are working quickly with these customers to understand, diagnose and address this reboot issue. If this requires a revised firmware update from Intel, we will distribute that update through the normal channels.  We are also working directly with data center customers to discuss the issue.

 

Intel doesn’t recommend you ignore the BIOS updates from your system OEM, but you might want to wait for this to unfold if you’re using one of the affected CPUs. The BIOS fixes are used in conjunction with software fixes to mitigate Spectre Variant 2. If you have auto-updating turned on in your OS, then most likely you have already received the software side of the fix.

 

http://www.tomshardw...well,36324.html


RIG: Phenom II X6 1090T @ 4.0GHz | MSI 990FXA GD-80 | 8GB Corsair Vengeance @ 1600MHz 9-9-9-24 | MSI Radeon R7 370 | Patriot Pyro SSD 120GB SATAIII | 500GB + 1TB Barracuda's | LG GH22NS70 DVD-RW | Xigmatek Red Scorpion | Corsair HX650W | CM690


#2 aliali

aliali

    Titan

  • Super Hero
  • 24,467 posts

Posted 18 January 2018 - 05:19 PM

One of the Windows 7 updates for this also caused boot BSODs with some older AMD systems, That patch has since been removed and updated to fix the problem.

BSOD is 0x000000C4.

https://www.cnbc.com...pcs-freeze.html

https://answers.micr...cdd4cd56?auth=1


Of course you are my bright little star,

I've miles and miles of files pretty files of your forefather's fruit,

and now to suit our great computer. You're magnetic ink.


#3 SceptreCore

SceptreCore

    Guru

  • Atomican
  • 9,995 posts

Posted 19 January 2018 - 10:17 PM

Thanks for that Ali


Meltdown and Spectre: Good news for AMD users, (more) bad news for Intel

 

The good news: Microsoft suspended shipping its Spectre and Meltdown Windows patches to owners of AMD systems after some users found that they left their systems unbootable. Microsoft partially lifted the restriction last week, sending the update to newer AMD systems but still leaving the oldest machines unpatched.

 

Now the company has an update that works on those systems, too. If you're unfortunate enough to have installed the previous, bad update and now have a system that crashes on startup, you'll still have to roll back the bad update before you can install the new one. We've read reports that this is indeed possible, but unfortunately, Microsoft only offers generic guidance on troubleshooting blue screen of death crashes, not any specific steps to fix this specific issue.

 

The bad news: Intel has previously warned that the microcode update it issued to provide some processor-based mitigation for some kinds of Spectre attack was causing machines with Haswell and Broadwell processors to reboot. It turns out that the problems are more widespread than previously reported: the chip company is now saying that Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake systems are affected, too.

 

Intel says that it has reproduced the reboot issues and is working on identifying the root cause. It intends to ship a beta microcode to system builders next week.

 

What this means is that if you're lucky enough to have a system that is still being supported with firmware updates from its manufacturer—because let's be honest: good luck getting any firmware updates for any consumer PC or motherboard that's more than about 18 months old—you probably shouldn't install the firmware anyway. Unless, that is, you're in a high risk category such as a cloud host or VPS provider, in which case you'll just have to install it anyway, because the consequences of not upgrading are probably worse than the consequences of upgrading.


RIG: Phenom II X6 1090T @ 4.0GHz | MSI 990FXA GD-80 | 8GB Corsair Vengeance @ 1600MHz 9-9-9-24 | MSI Radeon R7 370 | Patriot Pyro SSD 120GB SATAIII | 500GB + 1TB Barracuda's | LG GH22NS70 DVD-RW | Xigmatek Red Scorpion | Corsair HX650W | CM690


#4 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,677 posts

Posted 19 January 2018 - 10:24 PM

Haswell here on an MSI board - latest Bios is just under 2 years old on a board that was released about 4 years ago.

I'm not real worried about this anyway... I think to fully exploit it you'd need to specifically run malicious code at the same time you had sensitive data memory reisdent, and even then it would need to know what and where to look.  And I have doubts any higher level language than compiled C, Delphi etc would be able to perform the exploit.



#5 SceptreCore

SceptreCore

    Guru

  • Atomican
  • 9,995 posts

Posted 20 January 2018 - 08:02 PM

Haswell here on an MSI board - latest Bios is just under 2 years old on a board that was released about 4 years ago.

I'm not real worried about this anyway... I think to fully exploit it you'd need to specifically run malicious code at the same time you had sensitive data memory reisdent, and even then it would need to know what and where to look.  And I have doubts any higher level language than compiled C, Delphi etc would be able to perform the exploit.

Well... now that the details about how it works are out... someone out there is coding to exploit. They know full well that the majority of system ship with their stock BIOS.

 

Maybe you can upgrade later on once stable versions start releasing.


RIG: Phenom II X6 1090T @ 4.0GHz | MSI 990FXA GD-80 | 8GB Corsair Vengeance @ 1600MHz 9-9-9-24 | MSI Radeon R7 370 | Patriot Pyro SSD 120GB SATAIII | 500GB + 1TB Barracuda's | LG GH22NS70 DVD-RW | Xigmatek Red Scorpion | Corsair HX650W | CM690





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users