• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Are you having HotKey issues? Click here for tips and tricks.
Check out our WINDOWS 11 Support Center info about: OPTIMIZATION, KNOWN ISSUES, FAQs, VIDEOS AND MORE.
Locked

‎01-08-2018 10:55 AM

HP Recommended
They actually did in June of 2017. So yes... They did know.
Was this reply helpful? Yes No

‎01-08-2018 10:58 AM

HP Recommended

The 1 milion dollar Q for me is still: will HP also patch laptops (and printers?) that are older then the 3 years warrenty?

 

Why are there no HP support reps around in the forum?

Was this reply helpful? Yes No

‎01-08-2018 11:00 AM

HP Recommended
It has treysis
Was this reply helpful? Yes No

‎01-08-2018 11:50 AM

HP Recommended
@keesjand, that's a question I don't know the answer at. My 840 G1 would get an update they said. That's a laptop from 2015 and has no warranty anymore. So let's hope they tell the truth 😉
Was this reply helpful? Yes No

‎01-08-2018 01:51 PM

HP Recommended

@M4nti0n: I highly doubt it. Or why is the ME-vulnerability referencing the wrong CVEs?

Was this reply helpful? Yes No

‎01-08-2018 09:26 PM

HP Recommended

> why is the ME-vulnerability referencing the wrong CVEs?

 

What is the URL of the web-page that you are referring to?

 

Was this reply helpful? Yes No

‎01-08-2018 10:27 PM

HP Recommended
The link that updates the bios including ME firmware and Microprocessor firmware for the Dell Latitude E7470.
It tells me:
- Update to the latest CPU microcode to address CVE-2017-5715.
- Updated Intel ME Firmware to address security advisories INTEL-SA-00086 (CVE-2017-5705, CVE-2017-5708, CVE-2017-5711 & CVE-2017-5712) & INTEL-SA-00101(CVE-2017-13077, CVE-2017-13078 & CVE-2017-13080).

And Dell likes to cover stuff up to look different. It really fixes the meltdown stuff. I don't know about the spectre though. 😉

http://www.dell.com/support/home/nl/nl/nlbsdt1/drivers/driversdetails?driverId=ND42N
Was this reply helpful? Yes No

‎01-08-2018 11:08 PM - edited ‎01-08-2018 11:32 PM

HP Recommended

At least, the BIOS update is here for my 840 G1

HP Notebook System BIOS Update
Type: BIOS
Versie: 01.41 Rev.A
Besturingssystemen: Windows 10 (64-bits)
Uitgiftedatum: 9 jan. 2018
Bestandsnaam: sp84396.exe (13.9 MB)

- Fix the issue where HP Logo lockup when USB devices connected to the 2013 Ultraslim
- Fix the issue where Wireless Keyboards do not get reset in UEFI mode with McAfee Drive Encryption on Windows 10 and Ultralslime dock used when the preboot file system should be handing off to the OS if XHCI is enabled in F10. - Updates the Intel Microcontroller unit (MCU) to version 0x96.
- Provides improved security of UEFI code and variables. HP strongly recommends transitioning promptly to this updated BIOS version which supersedes all previous releases.

NOTE: Due to security changes, after this BIOS update is installed, previous versions cannot be reinstalled.

 

rwrjipwprgjnpowjvwoevpw.png

Was this reply helpful? Yes No

‎01-09-2018 02:05 AM

HP Recommended

> why is the ME-vulnerability referencing the wrong CVEs?

 

If you are referring to:  http://www.dell.com/support/home/ca/en/cabsdt1/drivers/driversdetails?driverId=ND42N

 

it states:

 

Fixes:
 - Update to the latest CPU microcode to address CVE-2017-5715.
 - Updated Intel ME Firmware to address security advisories INTEL-SA-00086 (CVE-2017-5705, CVE-2017-5708, CVE-2017-5711 & CVE-2017-5712) & INTEL-SA-00101(CVE-2017-13077, CVE-2017-13078 & CVE-2017-13080).

 

So, this software update addresses CVE-2017-5715 -- which is the "meltdown/spectre" vulnerability,

and also the IME (Intel Management Extension): CVE-2017-5705, CVE-2017-5708, et cetera.

 

What is "wrong" with those references?

 

Was this reply helpful? Yes No

‎01-09-2018 02:48 AM

HP Recommended

@mdklassen: No, I am not referencing to that link. I am referencing to https://www.intel.com/content/www/us/en/support/articles/000025619/software.html which was posted in the beginning of this thread.

 

Apparently, the BIOS update you linked does fix both. The Intel-tool, however, just checks for ME-vulnerability, and you can see this because it (the tool) references the wrong CVE. Your provided link - since it fixes Spectre as well - of course also specifies the correct CVE for Spectre!

Was this reply helpful? Yes No
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.