Spectre/Meltdown help- How do I update microcode ?

jetman

jetman

Level 10
Thread author
Verified
Well-known
Forum Veteran
Jun 6, 2017
482
2
1,794
868
Ire
Hi- I have been trying to understand how to protect my PC from the Spectre and Meltdown vulnerabilites. I run Windows 10 and have updated the BIOS (dated march 2018) from the manufacturers website. I have run a tool available from GRC.com called 'Inspectre' which indicates that I am supposedly protected against both attacks but that there is a 'microcode update available'. A bit of Googling suggests that this is something available from Intel but isn't automatically part of Windows updates. Any ideas on how to update this safely ? My PC is from 2012 so pretty old- and there is not much straightforward help on the manufacturer website. It took ages just to find whiere the Bios update was.

Thanks.
 
  • Like
Reactions: DeepWeb, upnorth, vtqhtr413 and 1 other person
Microcodes are pushed manually at great peril.

I'd wait for manufacturer updates that will push the microcode during bios updates. If they don't arrive, the recommended course of action is to try to use mitigation's, or replace hardware.
 
  • Like
Reactions: jetman and AtlBo
The microcode from hardware vendors sometimes can be hit and miss depending on the vendor and age of the product. Microsoft has been releasing updates to help fill the gaps. I believe many of them are suppose to be available through Windows Update, but there is a update you can download yourself and see if it updates it for you.

The updates are located here: Summary Of Intel Microcode Updates

Select the KB number associated with your version of Windows 10 , scroll down to the bottom where it says "How to obtain and install the update", it will bring you to the Microsoft Update Catalog and then just select version for your system (x86 or x64). After the download is done double click and install the update and restart your computer, then re-run In Spectre from GRC.
 
Last edited by a moderator:
  • Like
Reactions: jetman, harlan4096, AtlBo and 3 others
Need more info. AMD or Intel CPU? What CPU model? What OEM? What Windows 10 build? You said you already ran InSpectre and it's protected. Then you should be good to go. (y)
Think of microcode and drivers like car parts. You want the one originally designed for your hardware unless there is a critical security update or flaw. If it ain't broke don't fix it. That being said here is the latest Intel microcode update for Windows 10 April Update (1803) for Intel 6th-8th generation CPUs: https://support.microsoft.com/en-us/help/4346084/kb4346084-intel-microcode-updates

Older generations will get their microcode update over the next weeks or months. Usually the microcode comes bundled in your manufacturer's BIOS update. You said the latest update was from March 2018 then it's 99% likely that it's up to date.
 
  • Like
Reactions: jetman, harlan4096, AtlBo and 1 other person
Microsoft or your hardware manufacturer. You can mod your BIOS to inject the patch microcode, but that it is too risky for non experience user because this method can brick your system.
 
  • Like
Reactions: upnorth and jetman
crezz said:
Thanks for your replies everyone.

To answer the question from DeepWeb, it is an Intel i5-3230M processor running Windows 10 Pro 1803.
Click to expand...
@oldschool and @SumTingWong are incorrect. The microcode has been updated for those CPUs as well. Intel has said they wouldn't but they did it anyway.

https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates

Check the site I linked above. The list of CPUs supported is growing. Once you and me see our CPU models there we can download the updated KB# file. Right now, Microsoft is testing if the microcode is stable before they release it. They test the latest Intel CPUs first and then work their way backwards. So by the end of next week or so 5th and 4th gen CPUs will have the microcode update and then the rest soon hopefully.
 
  • Like
Reactions: oldschool and jetman
Thanks Deepweb- one final question. Will the Microsoft KB be automatically downloaded as part of the Windows update process or will it need to be downloaded manually ? Is it an essential update to get or might it brick my laptop and therefore not worth the risk of a manual download ?
 
crezz said:
Thanks Deepweb- one final question. Will the Microsoft KB be automatically downloaded as part of the Windows update process or will it need to be downloaded manually ? Is it an essential update to get or might it brick my laptop and therefore not worth the risk of a manual download ?
Click to expand...
Yes, if you are on the latest version of Windows 10. You are on the latest version of Windows 10 (1803) so once there is microcode for your CPU, Windows should update it automatically. The Windows update won't brick your laptop. If it did, it would brick millions of other laptops and Microsoft and Intel would be in a lot of trouble. That's why they are testing the code right now with Intel and OEMs to see if every computer is on the same board. It should be safe and fine to update. (y)
 
  • Like
Reactions: jetman and ForgottenSeer 72227
DeepWeb said:
Yes, if you are on the latest version of Windows 10. You are on the latest version of Windows 10 (1803) so once there is microcode for your CPU, Windows should update it automatically. The Windows update won't brick your laptop. If it did, it would brick millions of other laptops and Microsoft and Intel would be in a lot of trouble. That's why they are testing the code right now with Intel and OEMs to see if every computer is on the same board. It should be safe and fine to update. (y)
Click to expand...

Thanks so much @DeepWeb for that info. That makes it easy so I'll check it out. (y)Not that I would ever encounter Spectre… but hey why not check now and then for the update?
 
Last edited:
  • Like
Reactions: DeepWeb and ForgottenSeer 72227
Last edited:
  • Like
Reactions: roger_m and oldschool

You may also like...