Does your primary home PC have a Spectre v2 BIOS update available for it yet?

[cbn]

Does your primary home PC (desktop or laptop) have a Spectre v2 BIOS update available for it yet?

Optional: Share what ,motherboard or pre-built PC you have.

 

[LTC8K6]

Well, I accidentally voted yes, when my answer is that I don't know.

Inspectre says YES, YES, and GOOD for both of my home PCs. but I don't know what version of Spectre it reports on.

 

[cbn]

Well, I accidentally voted yes, when my answer is that I don't know.

The poll does allow changing votes, but since your PC is protecting from Spectre v2 (see below) your answer of Yes is indeed the correct one.

Inspectre says YES, YES, and GOOD for both of my home PCs. but I don't know what version of Spectre it reports on.

It does check for Spectre v2.

 

[LTC8K6]

Okay, one is a 4790K and ASUS Z97-A setup with Win10 Pro with the latest updates. It has a beta BIOS recently released.
The other is an E3-1231 V3 and I can't remember the board, but it's not a Z board. This one is a long time Windows Insider system with whatever version of the build they are up to. I'll get the actual board info when I get home.

 

[cbn]

For systems without a BIOS update available I've been researching Linux:

https://www.zdnet.com/article/linux-4-16-arrives-bringing-more-spectre-and-meltdown-fixes/

Reference this article for more info:

https://www.zdnet.com/article/googl...ges-performance-hit-so-you-should-all-use-it/

That fix, called Retpoline, addresses Variant 2 of the two Spectre CPU attacks called 'branch target injection'. Variant 2 is considered by Microsoft and Google to be the trickiest speculative execution vulnerability to fix as it's the only one that does cause a significant hit on CPU performance.

The other way of fixing Variant 2 is via a blend of OS/kernel fixes and silicon microcode from Intel and AMD, but Google contends its software-based Retpoline answer is superior and should be adopted universally.

With that noted compare and contrast what Intel writes about Retpoline:

https://software.intel.com/sites/de...line-A-Branch-Target-Injection-Mitigation.pdf

Mitigations for speculation-based, side-channel security issues fall into two categories: directly manipulating speculation hardware, or indirectly controlling
speculation behavior. Direct manipulation of the hardware is generally per formed by microcode updates or manipulation of hardware registers. Indirect control is
accomplished via software constructs that limit or constrain speculation. Retpoline is a hybrid approach since it requires updated microcode to make the speculation
hardware behavior more predictable on some processor models. However, retpoline is primarily a software construct that leverages specific knowledge of the underlying
hardware to mitigate branch target injection (Spectre variant 2).

Mitigation with retpoline requires that all code in a program (or OS kernel) is compiled with a retpoline-enabled compiler in order to make sure vulnerable
indirect branches are replaced with the retpoline sequence. In practice, this means that retpoline can only be applied in environments where recompilation and redeployment of updated binaries is possible. This includes instances where full source code is available, or where instructions are generated by a JIT compiler.
However, retpoline is not a practical mitigation for environments where full recompilation itself is not practical. Other mitigations may be appropriate in those environments.

 

[LTC8K6]

Update: The E3-1231 V3 system is on an ASUS B85M-G Rev 2.0 board with BIOS 2001 running Win 10 Insider build 17677.1