Everybody's flashing for the weekend, even Intel wants a little romance

Subject: General Tech | April 12, 2019 - 12:32 PM |
Tagged: security, patch, Intel, flash

If you and your Intel chips are feeling insecure, why not show them some love this Friday night and flash them with new updates?  There are new updates including one to mitigate Spoiler, and one for the Broadwell U i5 vPro found in the Intel NUC.  There are also software update, which resolves permission escalation vulnerabilities in the Graphics Performance Analyzer for Linux and the Intel Media SDK. 

As when flashing your motherboard or GPU, do be careful to read and follow all the steps, unless you have a love of bricking expensive equipment.  Drop by The Register for links to all four updates.

IMG_5364_large.jpg

"Chipzilla's April patch load includes fixes for a pair of bugs considered by Intel to be high security risks, as well as a speculative execution bug reported by university researchers last month."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Anthem Patch 1.0.4 Adds NVIDIA DLSS and Highlights Support

Subject: Graphics Cards | March 26, 2019 - 10:48 AM |
Tagged: update, rtx, ray tracing, patch 1.0.4, patch, nvidia, geforce, ea, DLSS, BioWare, anthem

Patch 1.0.4 for Anthem was released by BioWare/EA today which addresses a number of issues and adds features including two specific to GeForce graphics card users, namely DLSS and NVIDIA Highlights support.

anthem-geforce-rtx-screenshot.jpg

The DLSS (deep learning super-sampling) feature is exclusive to RTX 20-series GPUs, providing performance gains of up to 40% with real-time ray tracing enabled according to NVIDIA, who provides this video of DLSS off vs. on in the game (embedded below):

NVIDIA offers this chart showing performance gains with the range of RTX cards with DLSS enabled:

anthem-nvidia-dlss-4k-performance.png

NVIDIA Highlights support is available to users of GeForce Experience, and this feature allows the automatic capture of gameplay clips and screenshots in certain situations. BioWare/EA lists the supported scenarios for the feature:

  • Visiting and viewing overlooks
  • Defeating certain large creatures
  • Performing multi-kills
  • Defeating legendary creatures
  • Discovering the Tombs of the Legionnaires
  • Performing combos
  • When the player is downed by enemies
  • Defeating bosses

anthem-nvidia-highlights.png

The full Patch 1.0.4 release notes can be viewed here, and more information from NVIDIA about the new GeForce features for Anthem are available here.

Source: NVIDIA

It's a good day to be running an AMD APU, unless you like updating iGPU drivers

Subject: General Tech | March 14, 2019 - 12:08 PM |
Tagged: Intel, security, patch, igp

Today there are patches for no less than 19 vulnerabilities on Intel graphics drivers for Windows of various flavours.  Sysadmins out there should also pay attention, as there are  vulnerabilities specific to server chips as well, with patches for a variety of features up to and including the Trusted Execution Engine; if you are using a desktop chip with these features you should also pay attention.  The only silver lining to this is that the vulnerabilities require an already compromised machine to be exploited ... or physical access of course.

You can read through the synopsis of these CVEs over at The Register if you want to ruin your Thursday.

it_crowd_650px.jpg

"Chipzilla's March patch dump is highlighted by fixes for 19 CVE-listed vulnerabilities in its graphics drivers for Windows. If you use Windows and have those drivers (and if you're running an Intel CPU with integrated GPU, you almost certainly do) you will want to patch sooner than later."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Incoming friendly fire! Microsoft is launching more patches!!!

Subject: General Tech | November 29, 2018 - 02:15 PM |
Tagged: patch, terror, microsoft, windows 10

The seemingly endless barrage of patches attempting to patch the issue the previous patches attempt to patch after needing a patch to patch the patch ... continues ad nauseam.  If you are running Server 2016 or Windows 10 1709 or newer then you are about to receive a gift you probably don't want; though one fix in Server 2016 is worth it as it fixes something that left many technically inclined people, including The Register, scratching their heads.

You should consider a setting a shortcut to "About your PC" to keep tabs on your Windows version as Win10 has made this necessary for the first time.  Case and point, Windows 10 1703 is no longer receiving updates unless you are running Enterprise or Education versions, so unless you install one of the roll ups, you ain't even getting basic security updates!

Foxhole.jpg

"Tucked innocuously among a swathe of fixes ranging from dealing with Russian time zone changes to fixing wobbly Hyper-V servers is the text: "Addresses an issue in File Explorer that sometimes deletes the permissions of a shared parent folder when you delete the shared child folder."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Windows 10 someday, maybe update

Subject: General Tech | November 22, 2018 - 01:25 PM |
Tagged: windows 10, patch, oops, microsoft

The Windows 10 October Update, now to be referred to as The New ME, has now decided it dislikes the audio portion of a display driver from a tiny little company with little to no market share, known as Intel.  Microsoft have pulled the update, which is degrading audio input on systems with Intel graphics, which they blame on "OEMs that accidentally turned on unsupported features in Windows" according to The Inquirer.

In this case, one might be thankful for not checking for updates for Windows or Office for a while and eating turkey instead.

73d0ec1bd1fc82971ef630934d73575fd4cef412.jpg

"Intel driver users join anyone with a small hard drive, anyone who uses ZIP files, anyone using iCloud, anyone who needs to map a network drive, anyone with an HP machine, and anyone who likes their files to be associated with installed programs."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register
Author:
Manufacturer: NVIDIA

Retesting the 2990WX

Earlier today, NVIDIA released version 399.24 of their GeForce drivers for Windows, citing Game Ready support for some newly released games including Shadow of the Tomb Raider, The Call of Duty: Black Ops 4 Blackout Beta, and Assetto Corsa Competizione early access. 

399-24-changelog.png

While this in and of itself is a normal event, we shortly started to get some tips from readers about an interesting bug fix found in NVIDIA's release notes for this specific driver revision.

f12017.png

Specifically addressing performance differences between 16-core/32-thread processors and 32-core/64-thread processors, this patched issue immediately rang true of our experiences benchmarking the AMD Ryzen Threadripper 2990WX back in August, where we saw some games resulting in frames rates around 50% slower than the 16-core Threadripper 2950X. 

This particular patch note lead us to update out Ryzen Threadripper 2990WX test platform to this latest NVIDIA driver release and see if there were any noticeable changes in performance.

The full testbed configuration is listed below:

Test System Setup
CPU

AMD Ryzen Threadripper 2990WX

Motherboard ASUS ROG Zenith Extreme - BIOS 1304
Memory

16GB Corsair Vengeance DDR4-3200

Operating at DDR4-2933

Storage Corsair Neutron XTi 480 SSD
Sound Card On-board
Graphics Card NVIDIA GeForce GTX 1080 Ti 11GB
Graphics Drivers NVIDIA 398.26 and 399.24
Power Supply Corsair RM1000x
Operating System Windows 10 Pro x64 RS4 (17134.165)

Included at the end of this article are the full results from our entire suite of game benchmarks from our CPU testbed, but first, let's take a look at some of the games that provided particularly bad issues with the 2990WX previously.

The interesting data points for this testing are the 2990WX scores across both the driver revision we tested across every CPU, 398.26, as well as the results from the 1/4 core compatibility mode, and the Ryzen Threadripper 2950X. From the wording of the patch notes, we would expect gaming performance between the 16-core 2950X and the 32-core 2990WX to be very similar.

Grand Theft Auto V

gtav-new.png

GTA V was previously one of the worst offenders in our original 2990WX testing, with the frame rate almost halving compared to the 2950X.

However, with the newest GeForce driver update, we see this gap shrinking to around a 20% difference.

Continue reading our revised look at Threadripper 2990WX gaming performance!!

Of Intel, Foreshadow, horses and barn doors

Subject: General Tech | August 24, 2018 - 12:29 PM |
Tagged: Foreshadow, Intel, hyperthreading, L1TF, spectre, security, patch

In a move which should not come as a shock to anyone, Intel removed the wording which was revealed yesterday along with their Foreshadow patch for desktop CPUs prohibiting publishing comparative performance results.   The reason Intel would rather you didn't post performance comparisons, pre and post patch, is that along with the microcode update HyperThreading needs to be disabled which has a noticeable effect on any multi-threaded application.  Debian were of great help with this, refusing to deply the microcode patch with the gag order in place. 

Red Hat foreshadowed what you will see with their results from the server chip patches, The Register notes as being "from a +30 per cent gain, to -50 per cent loss and beyond. Most HT testing, however, showed losses in the 0-30 per cent range."

187032066-612x612.jpg

"Intel has backtracked on the license for its latest microcode update that mitigates security vulnerabilities in its processors – after the previous wording outlawed public benchmarking of the chips."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

About time Intel thought of ME!

Subject: General Tech | July 19, 2018 - 02:53 PM |
Tagged: security, patch, intel management engine, Intel, IME

A bit before Christmas last year, Intel provided sysadmins with a lovely present, vulnerabilities in the on chip Intel Management Engine which you could not even tell if they had been used to breach your systems.  Intel have now publicly released four advisories pertaining to the IME, so that interested parties can investigate for themselves.  These were already released to system builders and patches released, after a quite a long delay.  This is better late than never ... assuming you are not running anything older than a fourth generation Core processor. 

The Register has links to the advisories if you are interested in a little light reading.

Intel-Inside.jpg

"Now that Intel's advisory is public, it's clear that Chipzilla has known the particulars for some time, and has been privately working with computer manufacturers to push fixes ahead of disclosure. For example, Lenovo emitted firmware fixes in April, and Dell no later than June."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

The cure worse than the disease; get your new patches or enjoy a total meltdown

Subject: General Tech | April 27, 2018 - 12:59 PM |
Tagged: meltdown, microsoft, security, patch, Windows 7, server 2008 r2

Wasn't it hilarious when Microsoft released a patch for the Meltdown flaw that made things even worse by allowing write access to kernel memory as well as read access?  Well, if you haven't the patch which fixes the patch in place you won't be laughing so hard today.  The Register has seen proof of concept code which makes use of this flaw to elevate a DOS shell window to NT AUTHORITY\System from a user without admin privileges.  Get yourself patched up, especially that Server 2008 instance!

stop-hitting-yourself-meme.jpg

"If you're not up-to-date with your Intel CPU Meltdown patches for Windows 7 or Server 2008 R2, get busy with that, because exploit code for Microsoft's own-goal flaw is available."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

Intel Responds to Reboot Issues with Meltdown and Spectre Updates

Subject: Processors | January 18, 2018 - 01:17 PM |
Tagged: update, spectre, security, restart, reboot, processor, patch, meltdown, Intel, cpu

The news will apparently get worse before it gets any better for Intel, as the company updated their security recommendations for the Spectre/Meltdown patches for affected CPUs to address post-patch system restart issues. Specifically, Intel notes that issues may be introduced in some configurations with the current patches, though the company does not recommend discontinued use of such updates:

" Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations".

meltdown_spectre.png

Image credit: HotHardware

The recommendation section of the security bulletin, updated yesterday (January 17, 2018), is reproduced below:

  • Intel has made significant progress in our investigation into the customer reboot sightings that we confirmed publicly last week
  • Intel has reproduced these issues internally and has developed a test method that allows us to do so in a predictable manner
  • Initial sightings were reported on Broadwell and Haswell based platforms in some configurations. During due diligence we determined that similar behavior occurs on other products including Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake based platforms in some configurations
  • We are working toward root cause
  • While our root cause analysis continues, we will start making beta microcode updates available to OEMs, Cloud service providers, system manufacturers and Software vendors next week for internal evaluation purposes
  • In all cases, the existing and any new beta microcode updates continue to provide protection against the exploit (CVE-2017-5715) also known as “Spectre Variant 2”
  • Variants 1 (Spectre) and Variant 3 (Meltdown) continue to be mitigated through system software changes from operating system and virtual machine vendors
  • As we gather feedback from our customers we will continue to provide updates that improve upon performance and usability

Intel recommendations to OEMs, Cloud service providers, system manufacturers and software vendors

  • Intel recommends that these partners maintain availability of existing microcode updates already released to end users. Intel does not recommend pulling back any updates already made available to end users
  • NEW - Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations
  • NEW - We further recommend that OEMs, Cloud service providers, system manufacturers and software vendors begin evaluation of Intel beta microcode update releases in anticipation of definitive root cause and subsequent production releases suitable for end users

Intel recommendations to end users

  • Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied
  • For PCs and Data Center infrastructure, Intel recommends that patches be applied as soon as they are available from your system manufacturer, and software vendors
  • For data center infrastructure, Intel additionally recommends that IT administrators evaluate potential impacts from the reboot issue and make decisions based on the security profile of the infrastructure

Intel has worked with operating system vendors, equipment manufacturers, and other ecosystem partners to develop software updates that can help protect systems from these methods. End users and systems administrators should check with their operating system vendors and apply any available updates as soon as practical.

The full list of affected processors from Intel's security bulletin follows:

  • Intel® Core™ i3 processor (45nm and 32nm)
  • Intel® Core™ i5 processor (45nm and 32nm)
  • Intel® Core™ i7 processor (45nm and 32nm)
  • Intel® Core™ M processor family (45nm and 32nm)
  • 2nd generation Intel® Core™ processors
  • 3rd generation Intel® Core™ processors
  • 4th generation Intel® Core™ processors
  • 5th generation Intel® Core™ processors
  • 6th generation Intel® Core™ processors
  • 7th generation Intel® Core™ processors
  • 8th generation Intel® Core™ processors
  • Intel® Core™ X-series Processor Family for Intel® X99 platforms
  • Intel® Core™ X-series Processor Family for Intel® X299 platforms
  • Intel® Xeon® processor 3400 series
  • Intel® Xeon® processor 3600 series
  • Intel® Xeon® processor 5500 series
  • Intel® Xeon® processor 5600 series
  • Intel® Xeon® processor 6500 series
  • Intel® Xeon® processor 7500 series
  • Intel® Xeon® Processor E3 Family
  • Intel® Xeon® Processor E3 v2 Family
  • Intel® Xeon® Processor E3 v3 Family
  • Intel® Xeon® Processor E3 v4 Family
  • Intel® Xeon® Processor E3 v5 Family
  • Intel® Xeon® Processor E3 v6 Family
  • Intel® Xeon® Processor E5 Family
  • Intel® Xeon® Processor E5 v2 Family
  • Intel® Xeon® Processor E5 v3 Family
  • Intel® Xeon® Processor E5 v4 Family
  • Intel® Xeon® Processor E7 Family
  • Intel® Xeon® Processor E7 v2 Family
  • Intel® Xeon® Processor E7 v3 Family
  • Intel® Xeon® Processor E7 v4 Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
  • Intel® Atom™ Processor C Series
  • Intel® Atom™ Processor E Series
  • Intel® Atom™ Processor A Series
  • Intel® Atom™ Processor x3 Series
  • Intel® Atom™ Processor Z Series
  • Intel® Celeron® Processor J Series
  • Intel® Celeron® Processor N Series
  • Intel® Pentium® Processor J Series
  • Intel® Pentium® Processor N Series

We await further updates and developments from Intel, system integrators, and motherboard partners.

Source: Intel