Search the Community
Showing results for tags 'cpu microcode patch'.
WARNING!: The following post is for INFORMATIONAL PURPOSES ONLY! I do NOT advise that anyone use this as any kind of tutorial or guide unless they are absolutely certain that they know what they are doing, are prepared to potentially break, hose, crash/BSOD their system, potentially resulting in the loss of data or other system damage/malfunction. I take no responsibility for anyone who chooses to attempt this and ends up damaging and/or crashing their system or wiping any/all data from their OS or anything else that might potentially go wrong in the course of attempting these actions. So, with that scary disclaimer out of the way, here is a story about persistence in the face of planned obsolescence. I'm still using Windows 7 (with no plans to upgrade to any newer version of Windows any time soon and it seems I'm not alone) but I'm running fairly modern hardware (an Intel i7-7700K (Kaby Lake) based system). Unfortunately this means that, at least currently, Microsoft doesn't support any of the CPU microcode updates for my system to secure it against any of the recently exposed vulnerabilities that have been making headlines lately (the now infamous Spectre and Meltdown vulnerabilities; additional info here) because a) I'm not running the only OS they seem to care too much about right now, the glorious Windows 10, and b) because I'm using a modern CPU, which according to MS is not an officially supported combination (even though the two work quite well together, as does my new Samsung 960 PRO NVME SSD and all the other new/modern parts I chose to use in my laptop). This means I had to use a sort of "hack" in order to be able to download/install updates through Windows Update (done ), and that I had to either hope that the OEM who built my laptop would publish a microcode update for my BIOS (unlikely given their smaller size and specialized clientele), or that MS would have a change of heart and push out a version of Intel's microcode update for my CPU to Windows 7 users (not frickin' likely given how adamant they are about this whole "DOWNGRADE UPGRADE TO WINDOWS 10 NAAAAAAOOOOOWWWW!!!!!" kick they seem to be on these days). So, I sought alternatives. I knew (thanks to the fact that MS is doing so for Windows 10, with Intel's assistance) that it was possible to patch my CPU microcode via a driver within the operating system in order to apply some of the mitigations without having to locate a patched BIOS for my motherboard, I just had to find a way to do so in Windows 7. I'd all but given up hope when I just happened to be doing some searching/reading (this thing we old folks call "research" ) on the subject to see if there were any new developments on the Kaby Lake/Windows 7 CPU microcode front, and low and behold, a glimmer of hope. I read the thread thoroughly several times and learned that, not only had Intel actually published their latest CPU microcode for my chip on their website (for Linux, but thankfully it's universal), but someone actually made a tool to use that same microcode to patch CPUs running Windows via their own custom driver that even reports the microcode's status/functionality (or not) to Event Viewer so that I can monitor it (though I also followed the advice in the thread to verify it myself using a tool fit for that purpose). So after all of this, I can now confirm that I'm running Intel's CPU microcode version 84 which, as of this writing, is the latest version available from Intel for my particular chip !: So there you have it. An outdated awesome OS with an exclusive Intel patch. I'm happy , especially with this, my Windows Updates, and my best-in-class exploit protection thanks to Malwarebytes 3 which helps to fend off other pesky, as of yet unpatched (and even unknown) vulnerabilities. Life is good.