Unsolved

1 Message

January 12th, 2018 03:00

BIOS A26, does not fix CVE

Dear support,

I have installed the BIOS update A26 in our organization.

This BIOS update should solve the Microprocessor Side-Channel Vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754), but unfortunately after the BIOS update this is not resolved. I have checked this with PowerShell by running the following script:

# Set-ExecutionPolicy RemoteSigned -Scope Currentuser
Import-Module c:\ps\SpeculationControl.psd1
Get-SpeculationControlSettings

According to Dell, this BIOS update should fix the vulnerability, but with the 7010 this is not the case. It says behind "hardware support". See PowerShell screenshot. Does anyone have a solution to this problem, since the is now vulnerable.

from: http://www.dell.com/support/article/nl/nl/nldhs1/sln308587/microprocessor-side-channel-vulnerabilities--cve-2017-5715--cve-2017-5753--cve-2017-5754---impact-on-dell-products?lang=en

Patch Guidance:

There are two essential components that need to be applied to mitigate the above-mentioned vulnerabilities:

  1. Apply the firmware update via BIOS update listed below, see the table in Dell Consumer and Commercial Client Products Affected section below.
  2. Apply the applicable operating system patch, see the OS Patch Guidance section below.

 

 

Speculation control settings for CVE-2017-5715 [branch target injection]

2 Posts

January 12th, 2018 10:00

Similarly, I deployed BIOS update A27 on some Optiplex 9010 here (file O9010A27.exe). The details given by Dell for this update claim: "Update to the latest CPU microcode to address CVE-2017-5715" (one of the Spectre vulnerabilities). But after installation, the processor microcode has version 0x1c (a microcode released in 2015). So I can't see how this could be a fix for Spectre.

NB: this BIOS update also (or only?) upgrades the ME (Intel's infamous Management Engine) to solve various bugs in it, but that's unrelated to Spectre.

Pierre Letouzey, University Paris Diderot

PS: For now there's still no BIOS update available for Optiplex 3010 and 3030 AIO, the two other kinds of machines we have here in our teaching lab.
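Added example, not part of any post in this thread and not Dell's or Microsoft's code: a way to combine the two checks described above (the "hardware support" result from Get-SpeculationControlSettings and the loaded microcode revision) to report which of the two components in Dell's patch guidance is missing. The function names are hypothetical, the sample values are constructed, and the byte layout of the "Update Revision" registry value is an assumption that holds for Intel CPUs.

```powershell
# Added example. Function names are hypothetical; the property names are the
# ones on the object returned by Get-SpeculationControlSettings.

function ConvertTo-MicrocodeRevision {
    # Assumption (Intel CPUs): "Update Revision" is an 8-byte REG_BINARY and
    # the revision is the little-endian DWORD stored in bytes 4..7.
    param([Parameter(Mandatory)][byte[]]$Bytes)
    if ($Bytes.Length -lt 8) { throw "expected 8 bytes, got $($Bytes.Length)" }
    '0x{0:x}' -f [BitConverter]::ToUInt32($Bytes, 4)
}

function Get-BtiMitigationGap {
    param(
        [Parameter(Mandatory)]$Settings,               # speculation control settings object
        [Parameter(Mandatory)][byte[]]$RevisionBytes   # raw "Update Revision" value
    )
    $gaps = @()
    if (-not $Settings.BTIHardwarePresent) {
        # Component 1 of the guidance: the firmware/microcode side is missing.
        $gaps += 'firmware: loaded microcode exposes no branch target injection mitigation'
    }
    if (-not $Settings.BTIWindowsSupportPresent) {
        # Component 2 of the guidance: the OS patch is missing.
        $gaps += 'os: Windows update for CVE-2017-5715 is not installed'
    } elseif (-not $Settings.BTIWindowsSupportEnabled -and
              -not $Settings.BTIDisabledByNoHardwareSupport) {
        # Patched but switched off for a reason other than missing microcode.
        $gaps += 'os: Windows support is installed but not enabled'
    }
    [pscustomobject]@{
        MicrocodeRevision = ConvertTo-MicrocodeRevision $RevisionBytes
        Mitigated         = ($gaps.Count -eq 0)
        Gaps              = $gaps
    }
}

# Constructed sample: OS patched, BIOS flashed, microcode still at 0x1c.
$sampleSettings = [pscustomobject]@{
    BTIHardwarePresent             = $false
    BTIWindowsSupportPresent       = $true
    BTIWindowsSupportEnabled       = $false
    BTIDisabledByNoHardwareSupport = $true
}
$sampleBytes = [byte[]](0, 0, 0, 0, 0x1c, 0, 0, 0)
Get-BtiMitigationGap -Settings $sampleSettings -RevisionBytes $sampleBytes

# On a live machine, after Import-Module SpeculationControl:
# $cpu = Get-ItemProperty 'HKLM:\HARDWARE\DESCRIPTION\System\CentralProcessor\0'
# Get-BtiMitigationGap -Settings (Get-SpeculationControlSettings) -RevisionBytes $cpu.'Update Revision'
```

Comparing MicrocodeRevision before and after flashing shows whether the BIOS package changed the microcode at all, independently of what its release notes say.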

1 Message

January 13th, 2018 04:00

I have the same problem on my 7010.

2 Posts

January 26th, 2018 08:00

Update: the description of BIOS A27 for Optiplex 9010 has been updated (on 16 Jan 2018), removing any mention of CVE-2017-5715 (Spectre) and leaving only fixes related to Intel ME.

P. Letouzey
