Have two older clevos-will clevo release bios updates for spectre ?

Hi i have two older clevo laptops-m770cuh and w110er, my question is will clevo release any bios updates for spectre? Are my two laptops affected by this incident? Will clevo release anything for my laptops regarding the below as well? Thanks in advance for any good replies.

http://forum.notebookreview.com/threads/important-security-update.811312/

 

Both notebooks are affected yes. Clevo will not release anything since these models are EOL, however you might be lucky and see if people like Prema are going to release something, otherwise you'd need to ask someone who is able to mod your BIOS and add the code in it.

 

Patches should mitigate the biggest remote risks.

However if you are storing sensitive information on older hardware such as that then it might be prudent to plan to migrate that off.

 

Thanks for both replies so far. If i cant get any bios updates, you mean i shouldn't use the laptops when im connected to internet? The laptops are still perfectly good for general usage.

 

Prema is currently really busy and it's unlikely that he will push out microcode updates for older models anytime soon due to his extreme workload on newer BIOS versions, that being said, I already learned how to mod BIOS myself (honestly I was rather suprised how accessable it was) with a new microcode update, but since I don't really trust my own abilities right now and didn't flash it on my notebook, since I will first start doing that once my SPI programmer arrived to be safe, if the flash was a success and the need of the SPI programmer was not needed in the first place, then I'd also make some BIOS with a microcoded update for you, but expect that to be around end january - mid february, since that's when the SPI programmer will arrive.

 

Sure thanks! I wonder if any of the vendors would do this, my laptops have prostar serial numbers, I wonder if i should call them to see if they are able to provide bios updates.

 

Yeah why not,you could try and reach out to them. Let us know what answer you got.

 

Intel did neither make any Spectre fixes for Sandy / Ivy Bridge processors that your W110ER uses nor the Nahelem of your m770cuh, sorry man.

Only Haswell, Broadwell, SKL, KBL & KBL-R have received patches.

I would also avoid the Haswell fix, unless you are handling really sensitive data, as the current version isn't working properly, gives a mature performance hit and even killed a few boards...

Even the SKL+ codes where pulled from Linux today:

https://www.theregister.co.uk/2018/01/18/red_hat_spectre_firmware_update_woes/

 

The database on the intel website has a code from all CPU's from 2007 - 2017 tho? So not all codes are spectre fixed? Until when did they fix? Haswell? ivy?

Thanks for the heads up!
Guess intel messed up again ~.~

 

What about my m770cuh-core i7 620m?

 

Theres a good chance M$ will push microcode update through Windows update.

 

Intel works from newest to oldest. Meaning first the newest gets fixed, then they work their way down. so no, it's not fixed either.

I somehow can't see that coming.

 

The database always contains latest public revision of ALL MP microcodes and is not something they made specially for Spectre. Read my updated post above for details of what's 'fixed'.

 

yeah I read that, thanks a lot! Guess we will have to be patient.
I assumed they would have fixed all but seems they only caused a lot more problems more than anything else. Is there any thread or page where we can follow your testing results when the new code is going to roll out from intel at some point?

 

Watch the news all year long, this story is far from over...

 

I don't like the sound of that

 

From the article:

Very much incorrect then; a non-booting system is, intrinsically, safeguarded against any potential breach, including Spectre.

Also how certain database and system admins would like to see things; zero users and zero access, guaranteeing a safe and smoothly running environment .

 

It's not a bug, it's a feature!
Well for their ME bug, you don't even need to boot the system to access it.
So with the two bugs combined only 'the other guy' has access now.

 

Here is the reply i got from prostar:

"
Good evening,

Unfortunately, we do not have availability or access to BIOS updates for systems that are of this age. Regarding the "spectre" matter, we strongly suggest that you either look towards Windows 7,8,10 updates/security updates or you look towards anti-malware solutions, as a BIOS update is not what is going to correct this issue. BIOS updates are primarily to help get a system's hardware prepared for updated drivers for that system's operating systems. A BIOS update will not control virus matters whatsoever.

Anyways, we no longer have access to BIOS updates for either of these models. You can read more about the "spectre" virus/malware here:

https://arstechnica.com/gadgets/201...sing-trouble-as-realistic-attacks-get-closer/

And you can find many more articles on how to fix/repair/prevent this virus/malware here:

https://www.google.com/search?ei=BEFhWoz1HYf2jwPzg4yAAw&q=spectre+virus&oq=spctra+virus&gs_l=psy-ab.1.0.0i13i30k1j0i8i13i30k1l3j0i13i5i30k1j0i8i13i30k1.37165.37165.0.40084.1.1.0.0.0.0.173.173.0j1.1.0....0...1c.1.64.psy-ab..0.1.171....0.ynTDmAQ60AM" "

Thank you, "



And here is the reply i got from rjtech where i bought the laptops from

"The spectre and meltdown are fixed by Microsoft OS updates.

The Intel ME can be updated at:

http://rjtech.com/shop/index.php?dispatch=pages.view&page_id=25

Please use the bottom one for discontinued models.


Please let us know if you have any questions.

Best Regards!

Tech Support
R&J Technology
[email protected] "

 

Can still remove the drive physically and scan the data off

 

@Milardo Basically they are saying that since there are no BIOS updates available, the best protection against Meltdown/Spectre is to not connect to the Internet.

 

Does this affect the Clevo P751DM2-G, in any way?

This is a Kabylake-based system.

 

It affects most CPUs made this millennia and even beyond...that's why it's such a 'big deal'...

 

If your general use is just surfing or watching movies and something, you shouldn't be worried at all!