Highlighted
St3veCo
1 Copper

Looking for Meltdown and Spectre patches for some older Dell machines (760, 780, 790 and more)

My company is still using some of the following older Dell models. Can you tell me if these are susceptible to the Meltdown and Spectre security risks? If so, are BIOS updates are going to be available for them? 

Optiplex760
Optiplex780
Optiplex790
LatitudeE4310

Latitude

E4300

Latitude

E6320

Steve Cox | SANMAR
Client Services Administrator, Information Technology
Labels (4)
0 Kudos
4 Replies
Philip_Yip
5 Iridium

Re: Looking for Meltdown and Spectre patches for some older Dell machines (760, 780, 790 and more)

3 of the systems have a 2017 UEFI BIOS update the other 3 are too old and have a Legacy BIOS.

OptiPlex 760 - Late 2008 (Legacy)

OptiPlex 780 - Late 2009 (Legacy)

OptiPlex 790 - Early 2011 (UEFI):

http://www.dell.com/support/home/uk/en/19/drivers/DriversDetails?productCode=optiplex-790&driverId=H...

Latitude E4300 - Mid 2008 (Legacy)

Latitude E4310 - Mid 2010 (UEFI):

http://www.dell.com/support/home/drivers/DriversDetails?productCode=latitude-e4310&driverId=WYXP3

Latitude E6320 - Early 2011 (UEFI):

http://www.dell.com/support/home/drivers/DriversDetails?productCode=latitude-e6320&driverId=NDDY8

 

Dr Philip Yip
Tech Enthusiast and Author of the Unofficial Dell Windows Reinstallation Guide

Windows FAQs and OEM Downloads


#IDoNotWorkFor Dell
0 Kudos
speedstep
6 Thallium

Re: Looking for Meltdown and Spectre patches for some older Dell machines (760, 780, 790 and more)

microprocessor-side-channel-vulnerabilities

The complete affected platform list for Dell consumer products will be added as the information becomes available.

cve-2017-5715

cve-2017-5753

cve-2017-5754

impact-on-dell-products

http://www.dell.com/support/article/us/en/19/sln308587

 

 


Report Unresolved Customer Service Issues
here

I do not work for Dell. I too am a user.

The forum is primarily user to user, with Dell employees moderating
Contact USA Technical Support






Get Support on Twitter @DellCaresPro

0 Kudos
St3veCo
1 Copper

Re: Looking for Meltdown and Spectre patches for some older Dell machines (760, 780, 790 and more)

Hi Speedstep,

I've been checking that site but I don't see any of these machines listed there. Does that mean that there isn't going to be BIOS updates for them?

Thanks,

-Steve

Steve Cox | SANMAR
Client Services Administrator, Information Technology
0 Kudos
speedstep
6 Thallium

Re: Looking for Meltdown and Spectre patches for some older

I doubt that systems that old are supported so far past End of Life End of Support. There is an update for the 790 but not the 780 etc. The generic page below is where I would look based on model. 

http://downloads.dell.com/published/Pages/index.html

Highly doubt 2003 thru 2010 systems will get updates. The 790 bios says Update to the latest CPU microcode for CVE-2017-5715 ("Spectre" / Branch Target Injection) . 

may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. So if you have armed guards and lock your doors this is not likely a problem.

https://nvd.nist.gov/vuln/detail/CVE-2017-5715

Meltdown is

https://nvd.nist.gov/vuln/detail/CVE-2017-5753

https://nvd.nist.gov/vuln/detail/CVE-2017-5754

 

DescriptionVersionReleasedDownload
Dell Optiplex 790 System BIOS More detailsA213/21/2018
Dell Optiplex 790 System BIOS.More detailsA196/2/2017
Dell Optiplex 790 System BIOS.More detailsA189/30/2013
Dell Optiplex 790 System BIOS.More detailsA173/21/2013
Optiplex 790 System BIOS  More detailsA1612/12/2012
Optiplex 790 System BIOS  More detailsA159/10/2012
Optiplex 790 System BIOS  More detailsA149/6/2012
OptiPlex 790 System BIOS  More detailsA135/25/2012
OptiPlex 790 System BIOSMore detailsA114/18/2012
DELL,DSK PROG,BIOS,FWH,790,,A10
OptiPlex 790 System BIOSMore details
A1012/12/2011
OptiPlex 790 System BIOS More detailsA0710/24/2011
OptiPlex 790 System BIOS More detailsA069/14/2011
OptiPlex 790 System BIOSMore detailsA056/22/2011
OptiPlex 790 System BIOSMore detailsA035/3/2011
OptiPlex 790 System BIOSMore detailsA024/19/2011

 

The OptiPlex 790 BIOS update package is a DUP-based update package. See that page for command line options. See the passwords section on that page for more information on performing BIOS updates when a BIOS password is set.

Updates

Updates

* Version A05 MUST be installed before installing version A06 and later.

A10*

  • Date: 12/12/2011
  • File: O790-A10.exe
  • Download: HTTP / FTP
  • Hashes:
    • MD5: 266dc9aadba724fe7d5c216388ae02aa
    • SHA1: 9a131e1d60b9d6c9345a583fc8aedf1d587b71a0
    • SHA256: 31e83641669390e2be1deb13846ed747163189a77cc576c18f3b07231ef73331
  • Notes:
    1. For DT LCM system, BIOS will tell DellDiag the thermal sensor is no exist

A07*

  • Date: 10/24/2011 1:58:36 AM
  • File: O790-A07.exe
  • Download: HTTP / FTP
  • Hashes:
    • MD5: 817ffbbcbe7a55afcca84c92d5e84443
    • SHA1: 5bbde02c8a7138ec4156ddcfd4c5b0f2ccbd72ca
    • SHA256: a32cd9f6f8b7903f571f4684bc474c23520bd469e6ceb1c4ac332a05ce6e2f52
  • Notes:
    1. Update ePSA ( build 4206.2)
    2. Update PXE ROM
    3. Improve compatibility with mouse device.

A06*

  • Date: 9/14/2011 10:13:55 PM
  • File: O790-A06.exe
  • Download: HTTP / FTP
  • Hashes:
    • MD5: 6788b28d68185c6bc52ff66866c16687
    • SHA1: 110aced123b8b2bd2bbf7c2a7f99af2240283628
    • SHA256: 17abafd0d51f68ad1c440951385ee98f7f3e135cbe3d815dce579d49cdb5433f
  • Notes:
    Defects Fixed:
    1. Fix Forced Boot to CD support for Sandybridge UMA Platforms
    2. Correct INT13 handler for ATA mode when system is under virtual x86 mode
    3. DF477841: All 250GB drives show as 249GB in the BIOS.
    4. DF479402: [REC LT] HDD slow performance with POINTSEC software installed
    5. Pink Panther: Fixed Blinking Cursor Issue.
    6. Fixed USB handoff sequence broken
    7. DF476106: KG:UUT easily hang if write data and save on Hitachi HDD under DOS w/ AHCI mode.
    8. DF480677: Can't boot to HDD attached to SCU if SATA ODD attached
    9. DF463483: B/LSN:Auto reboot when booting to USB unbootable ODD from Boot Menu
    10. DF477727: B/LSN:MEBx still can be entered by pressing Ctrl-P during POST after ME disabled
    11. DF470840:BS:USB Key can't boot to DRMK with SAS HDD attached
    12. DF476090: After disable NIC in BIOS menu, the BIOS menu will show wrong MAC address
    13. DF462270: fixed that No SATA device BSOD in Win PE by intel recommend
    Changes:
    1. CR468958: Create and Define SMBIOS Token to manage Control WLAN/WWAN Radio
    2. Pink Panther: Update Gpe Orom 1.02.
    3. Update to latest Intel microcode patch (MOB_P_10)
    4. Support KillTPM feature and token.
    5. Added Signed Firmware Update Transition BIOS.
    6. CR484081:Pink Panther: System set to ATA or AHCI mode prompts message on every boot
    7. CR485006:Pink Panther: Cato board SSVID and SSID values are zero
    8. Updated Intel System Agent reference code to 1.2.0
    9. Updated Intel PCH Reference Code to 1.2
    10. Updated Intel PPM Reference Code to v1.2.1.1
    11. Set KEY_TRANSITION_RELEASE to "0" for digital sign
    12. BBSManager issue (it will cause ePSA to hang with >= 4GB RAM installed on B/LS/N)
    13. allow serial control from setup for Gcoast

A05

  • Date: 6/22/2011 1:31:35 AM
  • File: O790-A05.exe
  • Download: HTTP / FTP
  • Hashes:
    • MD5: 6e5761e7e6fc0b37bfba3b58041d071d
    • SHA1: 0f7d6bbad0c862ad0476d1b61765e1345c2d6020
    • SHA256: 9b013049851b6624e76851e5bc4920941f2c25a5f85f36309be33bb3dce3c260
  • Notes:
    1. Added support for Signed Firmware Updates.
    2. Additional vPro support. Added DASH ~{!.~}PLDM for BIOS Control and Configuration~{!/~}.
    3. Modify Strong Password help text to indicate applicability to Admin and System passwords only, instead of "all passwords".
    4. Added support for UEFI OS install with greater than 8GB of memory.
    5. Updated Intel Management Engine FirmWare to 7.1.13.1088
    6. Added support to flash BIOS with /S parameter under Windows
    7. Enhanced Admin Password supports
    8. Enabled NIC PXE boot by default

A03

  • Date: 5/3/2011 10:35:46 PM
  • File: O790-A03.exe
  • Download: HTTP / FTP
  • Hashes:
    • MD5: 5e264f9d2c04b74a8ff8cf142f288998
    • SHA1: 1a04a5ea39840365c4dc34d967ddf3942ee4a6e3
    • SHA256: 2abaaafd351a9be7cedb0daae7c1cf1f0422150def4e595dd05c82ccffc16313
  • Notes:
    1. Enhance Chassis Intrusion.

A02

  • Date: 4/19/2011 9:22:31 PM
  • File: O790-A02.exe
  • Download: HTTP / FTP
  • Hashes:
    • MD5: 2013dae0365e8251849e05d044efe66d
    • SHA1: 48478bb78920d9930a0b5f1aa59c4c167f13a1b6
    • SHA256: 8e8af99e3578f37732f2fc3e5c87339160af75625b0b80de8c92ec6236222d4b
  • Notes:
    1. Initial Release

Report Unresolved Customer Service Issues
here

I do not work for Dell. I too am a user.

The forum is primarily user to user, with Dell employees moderating
Contact USA Technical Support






Get Support on Twitter @DellCaresPro

0 Kudos