no thanks. please, just let it apply only on recompiled software (if needed) like v1 mitigations. I do not need Spectrev2 firmware crap applied on drivers nor on games.

Let's wait and see if they are really stable... Oh I love this one here:

Ultimately, these updates will be made available in most cases through OEM firmware updates. I can’t emphasize enough how critical it is for everyone to always keep their systems up-to-date.

THEN GIVE US UPDATES FFS! o_O

Any need to revert the changes that was made with the last patch fix kb4078130 or will the new update overwrite everything?

fantaskarsef:

Let's wait and see if they are really stable... Oh I love this one here: THEN GIVE US UPDATES FFS! o_O

And do not cripple the performance in heavy tasks. 😉

fantaskarsef:

THEN GIVE US UPDATES FFS! o_O

Isn't that what this announcement is doing? Its delivering an update.

And where is the link to updated microcodes file? Come on...

mbk1969:

And where is the link to updated microcodes file? Come on...

I had a look for them on the Intel website amoungst Linux microcode updates, and it's not there - I have a suspicion that it's just been released to OEM's and hasn't actually been publically released for download. This was the latest one I could find & it's from 17th Nov (https://downloadcenter.intel.com/download/27337/Linux-Processor-Microcode-Data-File). I wasn't going to use it to apply a fix though - I'm gonna wait for it to come in the form of a BIOS update from MSI (the maker of my motherboard).

The previously released fix was stable on my PC. It would be funny if the new one causes issues for me and anyone else who didn't have issues prior :P

They are going to worry about fixing to be sold cpu's first.

Robbo9999:

I had a look for them on the Intel website amoungst Linux microcode updates, and it's not there - I have a suspicion that it's just been released to OEM's and hasn't actually been publically released for download. This was the latest one I could find & it's from 17th Nov (https://downloadcenter.intel.com/download/27337/Linux-Processor-Microcode-Data-File). I wasn't going to use it to apply a fix though - I'm gonna wait for it to come in the form of a BIOS update from MSI (the maker of my motherboard).

There was January updated file but they pulled it off. You are lucky to be sure of receiving updated BIOS from OEM. I will never get one, so I will do it myself. Although I have no trouble with January updated microcode.

Hilbert Hagedoorn:

On its website, Intel announced it has released stable patches for the second Spectre variant. Currently, the patches are only available for Skylake processors but Intel notes that patches for other p... Intel releases stable Spectre updates for Skylake

nice to hear update on this, still they need to force OS makers to PUSH Microcode updates, 90% public dont keep up with such fw/bios update and most never will, if it can be done with surface devices there no reason it cant be done for all devices , it just requires Manufacture to release what need and MS to push it. This whole rely on some one else to do it for them idea is a recipe for trouble. Intel is relying on customers to updates * again 90% public dont keep up with FW/Bios update and most never will either* Intel code easily make lil program with microcode update in it that will update there system to new microcode with click of button, but they wont, MS can push microcode update and has in the past, but I get they feeling they not gona push them either. When people start using that exploit and million start getting hit by it cause it was never plug cause it had to be done manual by people, they all wanted to not do what they should of i first place. there will be yet another law suit happening I said it once and will say it again, This mess and way it being handle is just as bad. 6months to year from now majority of people still wont be protected from this or patched. short of the new cpu that supposed to plug this.

They knew about it since summer, didn't do anything on purpose, and now they "share" how hard they work on it. SURE.

Think my sky-lake micro update came in the other day, turned on my pc and a window popped up saying something like motherboard resources, checked with the in Spectre Download v6b and fully protected, this was on x99 2 ASUS board and 7900x CPU, not sure if this was the update but never seen this popup before

nevcairiel:

Isn't that what this announcement is doing? Its delivering an update.

hehe true, only that I was referring to (the quoted) firmware updates, not what little information their post contains (and lots of empty words, in German commonly referred to as "blabla"). I have yet to see any offered by my mainboard manufacturer, at least one that they aren't warning against installing themselves.

cryohellinc:

They knew about it since summer, didn't do anything on purpose, and now they "share" how hard they work on it. SURE.

I keep seeing this over and over. What you wanted them to do? Cancel all CPU lines until 2019-2020 when proper architectural fixes will be ready? Replace them with something they didn't have? According to some security researcher firms all companies handled the situation quite well. Not perfectly for sure but patches were out in time things went public which was the plan from the beginning. If I have something to complain about that's the buggy microcode which caused issues on some people.

BlueRay:

I keep seeing this over and over. What you wanted them to do? Cancel all CPU lines until 2019-2020 when proper architectural fixes will be ready? Replace them with something they didn't have? According to some security researcher firms all companies handled the situation quite well. Not perfectly for sure but patches were out in time things went public which was the plan from the beginning. If I have something to complain about that's the buggy microcode which caused issues on some people.

How about delaying the release of Skylake and instead focus on fixing hardware issue (and it that wasn't possible) at least fix it on software/ firmware level working closely with MB manufacturers? Instead, they knowingly shipped it to consumers with the bug with "what ever happens approach". Such approach without the announcement of reasons for delay wouldn't create the shitstorm that we have now. Instead, god knows how many companies/consumers are now getting attacked/affected thanks to this vulnerability. And how many more (massive server hosts in specific) got messed up suddenly finding out about it. Shady scum, will always be - a shady scum. Which sadly Intel is, and most likely will be.

cryohellinc:

How about delaying the release of Skylake and instead focus on fixing hardware issue (and it that wasn't possible) at least fix it on software/ firmware level working closely with MB manufacturers? Instead, they knowingly shipped it to consumers with the bug with "what ever happens approach". Such approach without the announcement of reasons for delay wouldn't create the shitstorm that we have now. Instead, god knows how many companies/consumers are now getting attacked/affected thanks to this vulnerability. And how many more (massive server hosts in specific) got messed up suddenly finding out about it. Shady scum, will always be - a shady scum. Which sadly Intel is, and most likely will be.

This issue can't be fixed by delaying the CPUs. It needs major architectural changes which need 2-3 years to be made. They did work with other companies and released the fixes in time. The issue was well hidden for years on every CPU in existence. Not releasing CPUs for 2-3 years waiting for the major architectural redesigns is an economic suicide for any company. So Intel is scum but so does Qualcomm, Apple, AMD and everyone else released CPUs in the last decade which are vulnerable to Spectre. Patch your system and update your phone because no matter what brand of CPU you have you are vulnerable.

I can tell you one thing from all this, when i do upgrade my CPU in say 12 months time it defeintly won't be a Intel again, i have given them some leway on spilling the milk but they are taking far too long to clean it up, so back to AMD next year, and Asus can also suck a egg to mobo wise, i will be looking to the manufactor who has issued bios updates for boards to help close these flaws that are older then the ancient cobweb covered 3 year old board i have that Asus can't be bothered to issues a bios patch for. So bye bye Asus and Intel next year, yes i know AMD also suffer from similar issues but they seem to be less of a risk than a Intel cpu, but also more importantly it's a trust issue and Intel have lost mine over the way they have and are handling all this, AMD may be just the same but at present it's all i can really do choice wise.

BlueRay:

They did work with other companies and released the fixes in time.

Except they didn't, because they didn't test the fixes properly, and they've ALL been rolled back. Right now there is NO patch. Intel and vendors have told us not to install the microcode, Microsoft and Linux distros have turned off, rolled back, and/or are still developing their patches, drivers with fixes are not working. "In time", meant Jan 9, and it's mid-Feb with no real indication of when we'll get fixes that don't break everything. Don't get me wrong, I know we're going to see a performance hit, and I'm fine with that (well, I accept it....), but patches that introduce instability are a whole different thing to patches which introduce performance loss. I'm not just arguing with you for the sake of it, either. Everybody needs to learn from this. We had an embargo regarding the bugs so that vendors could cooperate in advance of the public announcement, and IT DIDN'T WORK. Instead of dropping the bombshell of the massive security problem, alongside patches to fix it, and everything working out as intended.... what actually happened was a massive crudstorm, the bad actors (hackers) getting an advance on the whole world's systems, hundreds of millions of dollars spent to patch systems and then unpatch them again, and a wave of foolish end-users risking their security over a few FPS. This is the worst thing to happen to computers aside from the y2k bug and unlike then, the IT industry completely blew it this time. We can learn from this. We SHOULD learn from this. In the name of protecting consumers, and protecting intellectual property, 'security by obscurity' has been employed to its most detrimental effect ever. Hating on intel (or any other company) for employing modern processing techniques is not productive. Nor is protecting them when they screwed up royally in recovering from the discovery of the vulnerabilities.

And I will never go to AMD side due to my prejudice toward poor AMD chipsets (and drivers).