-
Edit – in my haste, I forgot to include step 12 above in #193032
12) Ran Microsoft’s Speculation Control Validation PowerShell Script to verify that MS’s tool detects & indicates expected Spectre mitigation within Gulftown processors when using the Westmere “0x1E” microcode update … except for “Windows OS support for PCID performance optimization is enabled: False” … all other indications: TRUE.
MS links pertaining to the PowerShell Script:
https://gallery.technet.microsoft.com/scriptcenter/Speculation-Control-e36f0050#content
The False PCID indication is as expected due to absence of “INVPCID” support in Gulftown or Westmere processors. I believe Windows currently doesn’t use “PCID” capability if either “PCID” or “INVPCID” is not supported. I believe Haswell processors were the first to implement both “PCID” & “INVPCID” and as such, they & their successors suffer less of a performance impact with Meltdown & Spectre mitigations implemented due to Windows use of both “PCID” & “INVPCID” instructions.
A good presentation primer for this can be found at:
“Coreinfo” tool can be used to gain insight into a processors topology & included feature details:
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo
Group B / Win7 SP1 (Ultimate & Pro) [x64 & x86]
RDRguyWin7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS -
FYI, for those who don’t already know, Steve Gibson released Inspectre Release #8 on Apr 11, 2018.
Release #8 — Now shows whether an Intel microcode patch is (ever) available for Spectre.
Intel has finished designing microcode update patches for its processors. On April 2nd, 2018, they announced that processors that have not yet been patched will never be patched. Their full statement is available in this PDF document. In that document, Intel specifies which of their many processors do have patches and which of their more recent processors will never receive updated firmware. Now that the industry has this information, this 8th release of InSpectre incorporates that list of CPUIDs and displays whether microcode firmware updates exist for the system’s Intel CPU.
Well, I’ve run it and to my surprise this is what Release #8 indicates concerning my “i7-990x” system – CPUID 206C2.
Spectre & Meltdown Vulnerability Status
System is Meltdown protected: YES
System is Spectre protected: YES
Microcode Update Available: YES
Performance: SLOWER
CPUID: 206C2Now, Intel’s Microcode Update Guidance dated April 2, 2018 has the Production Status listed as “Stopped” and a Pre-Mitigation Production MCU listed as “0x1E” for the Gulftown processors CPUID 206C2.
Intel’s Microcode Update Guidance dated April 2, 2018 also has the Production Status listed as “Production” and a New Production MCU listed as “0x1E” for the Westmere EP, WS which is also CPUID 206C2.
But, Intel has yet to release the new “0x1E” microcode update for the 206C2 to the public. I seriously doubt that Microsoft is in any hurry to release Win7 microcode updates for old legacy processors & I’m sure ASUS will never release anything for the i7-990x as Intel has officially “Stopped” it’s work on the Gulftown processors.
However, HP still supports their Z400/Z600/Z800 WorkStation Servers that use the Westmere EP XEONs for which Intel has released to HP the 206C2 “0x1E” microcode for their BIOS updates to mitigate Spectre Variant 2.
I know, I know, but what I’m about to do is something I know most of you on AskWoody frown upon HIGHLY. But, I still performed a somewhat precarious experiment on my ASUS P6T Deluxe V2 motherboard that incorporates an Intel i7-990x CPU.
1) I downloaded the latest HP Z400 BIOS 3.61 Rev A “sp84161” dated Mar 6, 2018 and used 7Zip to extract all files within it. The extracted BIOS Update folder contains the “DOS_Flash” folder which contains the “7G3_0361.bin” BIOS file.
https://support.hp.com/us-en/drivers/selfservice/hp-z400-workstation/3718668
2) I then used MCE Extractor (available at github) to extract all CPU microcodes contained in the “7G3_0361.bin” file including the new “0x1E” version for CPUID 206C2 … “cpu206C2_plat03_ver0000001E_2018-01-23_PRD_B8C45629”.
https://github.com/platomav/MCExtractor
3) I then used “MMtool.exe” version 3.26 to replace my 206C2 version “0x13” with the extracted “0x1E” in my P6T Deluxe V2 BIOS “P6T-ASUS-DELUXE-V2-1202.ROM” file.
4) Then with GREAT hesitation, anxiety, heart palpitations & 1 eye closed, I updated my ASUS P6T Deluxe V2 motherboard with the new BIOS containing the new “0x1E” CPU microcode.
To my pleasant surprise, no errors what-so-ever in extracting the new microcode, creating the new ASUS BIOS .rom file or successfully uploading it to the motherboard.
5) After setting the BIOS defaults, I booted into Windows 7 x64 and … wallah! … everything seems to be running normally that is if Win7 runs normally these days.
6) I verified the REG_BINARY values for Previous Update Signature & Update Signature and are both set to “00 00 00 00 1e 00 00 00” in key HKLM\HARDWARE\DESCRIPTION\System\Processor\0 … and they are.
7) I ran Intel Processor Identification Utility version 5.80 to verify all was well … all normal & indicating CPU revision “1E”.
8) I executed the Intel Processor Diagnostic Tool64bit version 4.1.0.24 … all tests PASSED.
9) I ran Intel Extreme Tuning Utility (XTU) version 6.4.1.19 … everything seemed normal but I did not perform any OC’ing.
10) I ran GRC’s Inspectre Release #8 … except for expected slower performance, all GOOD – results at the beginning of this post.
11) Finally, I performed disk benchmarks using ATTO’s Bench32 to test effect nf disk transfers to a Samsung 850 Pro 1TB SSD while enabling then disabling the Spectre mitigations using GRC’s Inspectre tool.
The average difference with all data transfer block sizes combined was approx 4.5% slower overall with Spectre mitigations enabled vs. disabled. But I did get up to 36% slower data transfers for small block sizes consisting of 0.5K then gradually decreasing to less than 10% slower at 4K or larger block sizes.
After all this, I believe I can deduce that I was able to acquire an updated 206C2 Microcode, extract it, replace the existing microcode with the new Spectre mitigated one in my X58 motherboard BIOS that incorporates an i7-990x with apparently no ill effects.
I believe I can also deduce that enabling Spectre mitigation vs. disabling it does seem to affect disk data transfer speeds therefore maybe indicating that the new Westmere EP “0x1E” microcode does have an effect and that maybe it’s performing as intended in the Gulftown processors as well as the Westmere EP processors.
Now, the real question I have is as follows:
Intel, in their Microcode Update Guidance of Apr 2, 2018, indicates that Spectre mitigation for the Gulftown processors is “Stopped”.
Therefore one has to assume that the “0x1E” update for the Westmere EP, WS processors when used with the Gulftown processors will not / may not mitigate Spectre as intended even though it appears to work.
Or does it really work but it hasn’t yet or never will be fully vetted by Intel in so much that it actually does perform as intended if used with Gulftown processors?
OK, I’m confused now so I’d like to pass this on to you AskWoody experts to see if you’re so inclined to ponder upon my experiment & thoughts and besides the anticipated “DON’T DO IT”, maybe offer some geekdomness wisdom.
With all the problems MS has with Windows Updates and Intel’s reluctance to, as of yet, release to the public any newly updated CPU microcodes for older CPU’s like mine, if / when the time comes that I either have to give up my i7-990x system to be protected from Spectre or, stay unprotected or, keep what I’ve done above or, I can upgrade to say a Westmere EP XEON x5690 (reports are that it works just fine in an ASUS P6T Deluxe V2 board), or I can just bite the bullet and then bite on an Apple (future modern technology of course).
Group B / Win7 SP1 [x64 & x86]
RDRguyWin7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS8 users thanked author for this post.
-
-
If someone really, really, really still wants this, the Oct Preview of this buggy .Net update for Win7 & Server 2008 R2 (KB4042076) is still available for download in the Microsoft Update Catalog.
Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS1 user thanked author for this post.
-
-
Hey PKCano, shouldn’t the links in “AKB000003” for this Epson Dot Matrix fix be “KB4055038” and not “KB4048960” which is the exact same Win7 links for the Nov Security Only Updates?
Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS1 user thanked author for this post.
-
+1
Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS1 user thanked author for this post.
-
Not sure if this helps but when clicking on the 1st,2nd or 3rd day on the calendar, only the old posts are presented and the calendar itself doesn’t show anything posted (days underlined) after the Nov 8th. However, clicking on the 4th or any date after the 4th shows all of the current posts as well as an updated calendar.
Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS1 user thanked author for this post.
Author
