cancel
Showing results for 
Search instead for 
Did you mean: 
a__brown
Level 1
5 4 0 4
Message 1 of 67
23,534
Flag Post

BIOS updates for Meltdown and Spectre

HP Recommended
HP Compaq Elite 8300 Convertible Minitower PC
Microsoft Windows 10 (64-bit)

I can't find any response from HP on the updates Intel has issued for the Meltdown and Spectre vulnerabilities released yesterday. Intel says they have issued fixes and it's up the the OEMs to push the BIOS updates and I wanted a timeline for which machines are going to be patched. I am responsible for hundreds of HP desktops and laptops and wanted to know when a press release or article is going to be issued.

 

https://newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/

 

 

66 REPLIES 66
banhien
Level 19
Level 19
92,786 92,664 11,997 25,578
Message 2 of 67
Flag Post
HP Recommended

@a__brown

 

Please try the following link first

 

   https://support.hp.com/us-en/document/c05843704

 

And what is your Spectre ?  Please use the following instructions to find out the model/product of your machine:

  http://support.hp.com/us-en/document/c00033108

  Please do NOT post its Serial number (s/n).

Regards.

BH
***
**Click the KUDOS thumb up on the left to say 'Thanks'**
Make it easier for other people to find solutions by marking a Reply 'Accept as Solution' if it solves your problem.



a__brown
Author
Level 1
5 4 0 4
Message 3 of 67
Flag Post
HP Recommended

I'm sorry, I believe the link you sent me is for the "KRACK" Wifi WPA2 vulnerability released Nov 1 2017. I am referrring to

CVE-2017-5753 and CVE-2017-5715 named "MELTDOWN" and CVE-2017-5754 named "SPECTRE" released Jan 3 2018.

 

HP may not have public press releases yet as the scheduled responsible disclosure date was Jan 9, but the embargo was broken and wondered if HP had a response yet.


Thanks!

0 Kudos
DGroves
Level 11
4,499 4,482 410 940
Message 4 of 67
Flag Post
HP Recommended

meltdown and spectre are not HP model  names, rather they refer to a hardware bug in the CPU's  the poster is jumping the gun since intel has not released the fix as of yet but should within the next week or so.

 

once intel releases the patch code, Microsoft (not HP) will provide a  software patch.

 

the bug is in the cpu hardware and a microcode/bios update is unable to fix this

( as has been mentioned in  press releases on this subject)

Tags (1)
a__brown
Author
Level 1
5 4 0 4
Message 5 of 67
Flag Post
HP Recommended

My apologies, but you are confusing meltdown with spectre. Please read my linked article from Intel. The Windows patch for Jan 2018 KB4056892 includes fixes for many of the meltdown issues, but after installing these patches from microsoft, they had the following information.

PS C:\WINDOWS\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID optimization is enabled: False

Suggested actions

 * Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.
 * Follow the guidance for enabling Windows support for speculation control mitigations are described in https://support.microsoft.com/help/4072698

I think this is very early, so I'm not expecting the solutions right away, but I wanted to know where to look as HP starts communicating on this issue and figuring out where we stand.

Thanks!

a__brown
Author
Level 1
5 4 0 4
Message 6 of 67
Flag Post
HP Recommended

My apologies, but you are confusing meltdown with spectre. Please read my linked article from Intel. The Windows patch for Jan 2018 KB4056892 includes fixes for many of the meltdown issues, but after installing these patches from microsoft, they had the following information.

PS C:\WINDOWS\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID optimization is enabled: False

Suggested actions

 * Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.
 * Follow the guidance for enabling Windows support for speculation control mitigations are described in https://support.microsoft.com/help/4072698



I think this is very early, so I'm not expecting the solutions right away, but I wanted to know where to look as HP starts communicating on this issue and figuring out where we stand.

Thanks!

0 Kudos
a__brown
Author
Level 1
5 4 0 4
Message 7 of 67
Flag Post
HP Recommended

*Edit* There seems to be something wrong with the forum as it has lost my post twice, but could you please provide information on where HP will discuss these issues? *end edit*

 

My apologies, but you are confusing meltdown with spectre. Please read my linked article from Intel. The Windows patch for Jan 2018 KB4056892 includes fixes for many of the meltdown issues, but after installing these patches from microsoft, they had the following information.

 

<get-speculationcontrolsettings code removed>

 

I think this is very early, so I'm not expecting the solutions right away, but I wanted to know where to look as HP starts communicating on this issue and figuring out where we stand.

Thanks!

0 Kudos
banhien
Level 19
Level 19
92,786 92,664 11,997 25,578
Message 8 of 67
Flag Post
HP Recommended

Hi all,

 

I read an article yesterday (Thursday Jan 4, 2018)  which is NO GOOD for MANY Intel machines

 

   http://au.pcmag.com/intel/51116/news/chip-design-flaw-not-limited-to-intel-researchers-say

 

Now I remeber where Meltdown and Spectre come from. Still too early, all vendors have to take time to develop fix or fixes.

 

And fixies will probably slow machines down.

 

Regards.

BH
***
**Click the KUDOS thumb up on the left to say 'Thanks'**
Make it easier for other people to find solutions by marking a Reply 'Accept as Solution' if it solves your problem.



0 Kudos
MI9
Level 1
5 5 0 2
Message 9 of 67
Flag Post
HP Recommended

Is there a way we can get this stickied? I want to be here this weekend to patch up, and I have several versions of HP computers to do this to. 

 

 

Sparkles93
New member
4 2 0 1
Message 10 of 67
Flag Post
HP Recommended

Here is what I have managed to gather:

Microsoft will be rolling out an automatic update to fix the issue. Here is the link to this info:

 

https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892

 

They also give you an option to get the standalone package for the update by providing a link to the download:

 

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892

 

Unfortunately, the most we can do now is wait for the automatic updates if you are wary of getting the standalone package of the update. Also, a lot of articles I've read about this keep saying to make sure that you anti-virus is up to date and scans are perfomed regularly. Personally, I would at least run a quick scan daily until this issue is resolved and the official updates are rolled out. 

 

Here are articles that provide more info that I recently read:

https://www.cnet.com/how-to/how-to-fix-meltdown-spectre-intel-amd-arm-windows-mac-android-ios/

 

http://www.independent.co.uk/life-style/gadgets-and-tech/news/intel-chip-flaw-how-to-stay-safe-andro...

 

Hope this helps a bit! 

 

0 Kudos
Warning Be alert for scammers posting fake support phone numbers and/or email addresses on the community. If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation