Solved: Re: Bios - HP Support Community

GIUSEPPE87 · ‎04-04-2018

Good evening!
I ask, kindly, information about the Bios and more precisely an update that brought me back to Specter's vulnerability. Given that my PC is a "Desktop HP Pavilion 500-519nl", a few days ago I updated the Bios to the version "A0.16 Rev.A", dated 4/02/2018, previously I had installed the version "A0. 15 Rev.A ", dated 12/28/2017 and which itself gave me no more vulnerabilities to either Specter or Meltdown. If I wanted to go back to the previous version, could I have some problems? Thanks, Giuseppe.

mdklassen · ‎04-05-2018

> The December update did not give me any kind of problem,

Correct. It was a BIOS update to address the vulnerabilities, but Intel and HP quickly "pulled" the update, because it caused more problems than it solved, as I stated.

> This February gives me Spectre's vulnerability.

Correct. The replacement BIOS update removed the "bad" update from December, restoring the BIOS to its "pre-December" state.

> I wanted to know if I can get the December update back or not.

Exploitation of the Spectre/Meltdown vulnerability requires that your computer already be compromised.

So, if you prevent your computer from being compromised, the presence of the vulnerability will not be a problem.

If you leave cash on your kitchen table, and lock the doors when you leave your home, then a thief cannot easily enter your home, to grab the cash -- the vulnerable cash cannot be accessed by the exploitative thief.

I recommend that you wait for for Intel and HP to issue a "version 2" of the update.

Given that your computer was manufactured in 2013 or 2014 or 2015, it may be a while before Intel updates all its 2018 & 2017 & 2016 processors, before they address your older processor.

View solution in original post

mdklassen · ‎04-04-2018

The "December" update that you applied was a "bad" update -- it caused more problems than it fixed.

You need to apply a more-recent update -- see below.

See: HP Consumer Desktop PC BIOS Update (ROM Family SSID 2B2C)

Type: BIOS

Version: A0.16 Rev.A
Release date: Feb 4, 2018
File name: sp85299.exe (14.7 MB)

Fixes - Rollback the CPU Microcode to prevent system instability issue.

Version: A0.15 Rev.A (Dec 28, 2017)

Fixed in this release: - Updates the microcode for Intel processor security enhancement.

** After this BIOS update has been installed, previous BIOS versions cannot be reinstalled.

Version: A0.14 Rev.A (Nov 21, 2017)

Fixed in this release: - Improved security of UEFI code and variables.

HP strongly recommends promptly transitioning to this updated BIOS version which supersedes all previous releases.

** After this BIOS update has been installed, previous BIOS versions cannot be reinstalled.

Then, monitor: SUPPORT COMMUNICATION- SECURITY BULLETIN Version: 11 HPSBHF03573 rev. 12 - Side-Channel Analysis Met...

for the (eventual) availability of a BIOS update to address the 'Meltdown' and 'Spectre' vulnerabilities for your computer. This web-page is occasionally updated by HP. Always "refresh" to get the most-current version of the document.

-----------
Welcome to this forum.

Please click the purple/white "Thumbs Up" icon for every response that is helpful.

Also, please click "Accept As Solution" for the best response.

GIUSEPPE87 · ‎04-05-2018

Hello mdklassen! The December update did not give me any kind of problem, but this February gives me Specter's vulnerability. I wanted to know if I can get the December update back or not.

mdklassen · ‎04-05-2018