It is strongly recommended that customers patch their instance operating systems to isolate software running within the same instance and mitigate process-to-process concerns of CVE-2017-5754. 

Please note, for Windows Server, additional steps are required by Microsoft to enable their update’s protective features for this issue, described here: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution.

This advisory addresses the following vulnerabilities:

• CVE-2017-5715 (branch target injection)
• CVE-2017-5753 (bounds check bypass)
• CVE-2017-5754 (rogue data cache load)

To learn more about this class of vulnerabilities, see ADV180002.

Here is an AWS link for the above statement (regarding OS patching). Links to respective OS level patching for various vendors (RedHat Linux, Windows, CentOs, Ubuntu, etc) are available at the below link:

https://aws.amazon.com/speculative-execution-os-updates/

Patching recommended for the following operating systems:

• Amazon Linux & Amazon Linux 2
• CentOS
• Debian
• Fedora
• Microsoft Windows
• Red Hat
• SUSE
• Ubuntu

Well, there is also a DVI port, however, I do not have a DVI cable. 

Nevertheless, in my opinion, none BIOS update -> Either one from an older version to the latest one on a 7010 Optiplex should not be causing any harm to the PCI-Express video slot. 
I do not expect Dell having a look at that particular video problem, but it would be good to do that, as I do believe I would not be the only one with it. 

Actually, to be more specific on the exact issue -> As you may know one of the 7010 motherboards usually have 2 PCI-E x16 slots. One is 3rd generation, while the other, I think it is 2nd generation. When I plugged the 1050TI video card in the PCI-E x16 3rd generation slot (it is blue in colour) there was no video output on the HDMI port.  

While plugging the card in the 2nd generation slot, the video was fine. I performed a downgrade to the earlier BIOS version I had and all was good after that; Video ran smooth. 

I would love to see a fix for the video problem, if anyone else can actually test and prove it. I did replicate it, so I think that there might be other people that can experience the same trouble as well. 

---

@krissko wrote:

Well, there is also a DVI port, however, I do not have a DVI cable. 

Nevertheless, in my opinion, none BIOS update -> Either one from an older version to the latest one on a 7010 Optiplex should not be causing any harm to the PCI-Express video slot. 
I do not expect Dell having a look at that particular video problem, but it would be good to do that, as I do believe I would not be the only one with it. 

Actually, to be more specific on the exact issue -> As you may know one of the 7010 motherboards usually have 2 PCI-E x16 slots. One is 3rd generation, while the other, I think it is 2nd generation. When I plugged the 1050TI video card in the PCI-E x16 3rd generation slot (it is blue in colour) there was no video output on the HDMI port.  

While plugging the card in the 2nd generation slot, the video was fine. I performed a downgrade to the earlier BIOS version I had and all was good after that; Video ran smooth. 

I would love to see a fix for the video problem, if anyone else can actually test and prove it. I did replicate it, so I think that there might be other people that can experience the same trouble as well. 

---

Out of curiosity, now that you've downgraded BIOS back to the previous version, does the video card have HDMI output when it's in the 2nd (not blue) x16 slot?

A few days ago I saw the bios update for my Latitude e7470 (version 1.18.5 from 12/22/17). It is still listed in the linked Dell support pages for BIOS updates but when you click the link it says it is no longer available. When I enter my service tag the latest BIOS available is an older version (1.17.5 from 8/22/17). I'm guessing this BIOS had problems and was pulled. Any ETA on the next release?

The Meltdown/Spectre updates have been taken down, except for a few of the very latest systems, while Dell works with Intel on them.

Everyone will just have to be patient...

Intel asks customers to stop using faulty patches

https://finance.yahoo.com/news/intel-asks-customers-stop-using-faulty-patches-185054702--finance.html

---

@ky331 wrote:

 

Intel asks customers to stop using faulty patches

---

Why am I not surprised?

Despite my best efforts to prevent it, Dell dumped a BIOS change on my Win 10 XPS 13 laptop yesterday. It did so through the Dell Updater. I kept telling the nag not to install it/remind me later, until it finally ignored me and installed it anyway. When the Updater first alerted me to the new version, I clicked on the Version link to see what was being offered. The link did not work.

Today I checked the BIOS version, and it is 1.4.18, issued June 6, 2017. I went to Dell driver downloads, and it lists the latest version for my system as 1.5.1 issued Sep. 28, 2017. And a scan with the Dell Updater said everything is up to date. So I don't know what the heck Dell did to my BIOS yesterday. (I don't think there is a log of Dell Update history). Maybe they rolled the version back.

All I know is I'm sitting out updating anything from anyone as long as possible til they sort things out.

Based on all the chaos that has resulted from these rushed BIOS updates, and carefully considering the information I made in the following two posts:

https://www.dell.com/community/Virus-Spyware/Microsoft-to-issue-emergency-Windows-update-for-processor/m-p/5650765#M200968 

https://www.dell.com/community/Virus-Spyware/Microsoft-to-issue-emergency-Windows-update-for-processor/m-p/5707004#M200991 

I am seriously considering NOT updating the BIOS on my systems, even after a new BIOS is tested and declared safe.   Of course, I will then be taking full responsibilty for my [lack of] action, and for my system's security [or lack thereof].   Note:  I HAVE applied the January Windows updates (which mitigate Meltdown [but not Spectre] on x64-based systems).

---

@ky331 wrote:

 

Based on all the chaos that has resulted from these rushed BIOS updates, and carefully considering the information I made in the following two posts:

https://www.dell.com/community/Virus-Spyware/Microsoft-to-issue-emergency-Windows-update-for-processor/m-p/5650765#M200968 

https://www.dell.com/community/Virus-Spyware/Microsoft-to-issue-emergency-Windows-update-for-processor/m-p/5707004#M200991 

I am seriously considering NOT updating the BIOS on my systems, even after a new BIOS is tested and declared safe.   Of course, I will then be taking full responsibilty for my [lack of] action, and for my system's security [or lack thereof].   Note:  I HAVE applied the January Windows updates (which mitigate Meltdown [but not Spectre] on x64-based systems).

---

That's probably a good approach, as long as you accept responsibility for not updating, but it gets even worse than your experience...

Some users reported getting an alert in the past few days for an "important" BIOS update on the Inspiron 3647/3847 (which use the same BIOS). The alert tells them to update from BIOS A02 to BIOS A08. One user said the update worked, the others said it failed.

When I looked at the Support page, BIOS A08 was released in 2015 and it's marked "optional". So it obviously has nothing to do with any of the recent Intel issues.  And I checked that support page before Dell took down all the recent Meltdown/Spectre updates.

So why did these users suddenly get an "important" alert now for such an old version of BIOS that's supposed to be "optional", and why is this one failing too..??

:Ick:

From https://www.wired.com/story/meltdown-and-spectre-vulnerability-fix/ ; take it for what it's worth:

Though possible, exploiting Meltdown and especially Spectre is complicated and challenging in practice, and some attacks require physical access. For hackers, the vulnerabilities will only get tougher to exploit as more devices start to get patched. Which means that at this point, the risk to the average user is fairly low. Besides, there are easier ways—like phishing—for an attacker to try to steal your passwords or compromise your sensitive personal information.

---

@SallyC54 wrote:

 I have a Delll XPS 13 (9350) with BIOS 1.6.1 that keeps wanting to install new BIOS but then gives the message "BIOS update blocked due to unsupported downgrade"

After reading about how many problems people are having when trying to install the BIOS update, I'm fine ignoring the messages to update (or downgrade) but I'm just wondering if I'm already in trouble?  Everything works fine at this point.

My fear is that if I start trying to "fix" it back to 1.5.1 that I will end up with something that doesn't work because something went wrong in that process.

As a registered Dell product owner, I would have expected an email or something from them about this.  Since that hasn't happened, my question here is:  If everything works, can I leave it as is and wait for Dell/Intel to come up with a fix or path forward from 1.6.1 or do I need to remove 1.6.1 from my system?

Thank you.

---

Follow the old adage: If it ain't broke, don't break it.

So leave it alone. And if SupportAssist keeps telling you there's a new update, you can either uninstall the SupportAssist software or stop it from loading automatically each time you boot up.

If you uninstall SupportAssist, you can always download and reinstall it again for free from Dell's support site, assuming you still need/want it.

Like I said, leave it alone. Just wait until things settle down and there's clear info on what comes next.

If you're concerned, the best thing to do is back up all your personal files on external media ASAP and keep updating that backup regularly.

@RoHe that sounds like good advice. 

I was just curious if I would need to go back to a previous BIOS or if Dell/Intel are going to come up with a path forward out of the pit I'm in due to their previous BIOS update.  For now, I'm just ignoring the notification and counting my blessings that everything still works. 

Hi SallyC54

I too have an XPS 13 9350, and have been having BIOS update alerts and errors. At one point I was told that 1.6.1 was successfully installed, only to find msinfo32 said my BIOS was 1.4.18. And I kept getting alerts that a BIOS update was ready, or installed and I should reboot. These alerts continued despite reboots. It seemed I was in some infinite loop. Through all of this, my PC continued to work well, apart from the nags.

So I agree with Ron. Leave well enough alone if your system is otherwise OK. And if you have Dell Update installed, disable its automatic scanner.