Firmware updates for Intel CPU security vulnerabilities for Aspire E5-574G

Tim4
Tim4 Member Posts: 6

Tinkerer

edited September 2023 in 2019 Archives
I've been looking at Acer's list of Intel CPU security advisories.  I need to ask here which of these firmware security updates are desirable for me to install on my Aspire E5-574G-54Y2 laptop with an i5-6200U CPU, since several aspects of the information in the advisories are unclear.  Until I investigated the MDS vulnerabilities announced last month, I wasn't aware of these security advisories or that I needed to take any measures to install security patches that weren't installed with standard Windows 10 updates.

I no longer have any of the Acer software installed that came with my laptop, since I had to reinstall Windows 10 in September 2018, so I don't know if the Acer software would have recommended installing any of these security updates.  (Something was so wrong with Windows that even the "Reset this PC" process didn't work, that I tried to reset the operating system in a way that would have included the pre-installed Acer software.  I instead reinstalled Windows with the Windows 10 installation media that didn't include any Acer software.)  I have Windows 10 1809, and I'm waiting to install 1903 until I figure out what to do about the firmware updates.

There are firmware update files provided for E5-574G laptops on the "Meltdown and Spectre security vulnerabilities" and "Intel Security Vulnerabilities Regarding Intel ME, SPS and TXE" pages in the list of security advisories, but these updates are not included on Acer's web page for the E5-574G model with a list of drivers and other BIOS (UEFI) updates, from when I enter my laptop's serial number or SNID on Acer's driver search page.  The latest BIOS update on that page is 1.18 from 2017/09/21, whereas the Meltdown and Spectre page provides a BIOS update file with version 1.19.  (I currently have 1.10 installed.)  I checked a few models I don't own, and the BIOS versions on the Meltdown and Spectre page for those models are also not included on their driver pages (for instance Aspire E5-573G, E5-575G, E5-576G, and V3-574G, though in some cases later BIOS versions are present on the driver pages).

Since the 1.19 BIOS update and the firmware updates on the "Intel Security Vulnerabilities Regarding Intel ME, SPS and TXE" page are not included on my laptop's driver page, I feel I need to ask here whether it's safe and desirable for me to install them (and if it matters in which order I install them).  I expect that Acer made a mistake about not including these security updates on the driver pages, but it could instead be that Acer considers them not to be ready or desirable for people to install, and intentionally didn't include them on the driver pages.

The "SGX Update and Attestation Key Recovery" page shows my E5-574G model but says "To Be Updated" rather than providing a BIOS update file like it does for other models.  Maybe it's supposed to be the 1.18 BIOS update on my model's driver page, which has the title "Update CPU Microcode for Intel SGX security issue."  I probably saw this 1.18 update when I visited the driver page previously but wasn't motivated to install it since there is no written description of what the BIOS updates do to give me enough information to judge the security patch sufficiently important to risk damaging my computer from updating the BIOS.

My model isn't included in any of the other security advisories, but models with similar names, such as E5-575G, are included in the "Speculative Execution Side-Channel Vulnerabilities L1 Terminal Fault" and "Intel Microarchitectural Data Sampling Vulnerabilities in Modern Processors" pages.  I expect my laptop is affected by both of these vulnerabilities, so I hope Acer is making the effort to provide security updates for my model.  My CPU model is included in Intel's list of models affected by MDS.

I'll look again after I update the BIOS, but I don't see an option in the BIOS I have installed for disabling hyper-threading.  I suggest providing information for how to disable hyper-threading as part of the MDS advisory.  I saw someone say in another forum that Acer laptops and desktops don't include advanced BIOS settings like other computers do that allow disabling hyper-threading, but now with MDS people need to have the option to disable hyper-threading (to improve security at the expense of CPU performance).

Answers

  • Tim4
    Tim4 Member Posts: 6

    Tinkerer

    I tried to post a question about my Aspire E5-574G-54Y2 laptop on the "Aspire, E and F Series Laptops" forum on June 20, but as far as I can tell my post has never been made public, and I haven't received any other kind of response.  I tried to post again in the same forum on July 10 to ask the question again or find out what happened to my original post, but the July 10 post hasn't been made public either.

    It's important to me to receive an answer to the question I posted.  I can post the question again here or on any other forum if the post will work.  I decided to try posting in this "Welcome Forum" in case there's a problem with the "Aspire, E and F Series Laptops" forum, to see if anyone can tell me what the problem was with my posts in the "Aspire, E and F Series Laptops" forum, or to see if anyone can tell me how I can effectively ask the question to receive a response.

  • Hello! What was the question you had asked on the other topics?
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • Tim4
    Tim4 Member Posts: 6

    Tinkerer

    I attempted to post here about an hour ago where I included the titles of my June 20 and July 10 posts and the body of my June 20 post, but the forum software blocked that message from becoming public too, with the same message the software gave when I attempted to submit the June 20 and July 10 posts: "Your comment will appear after it is approved."  I'm surprised that my post to this Welcome Forum became public immediately, without that message, when I posted it yesterday.  Probably there's something in the text of my messages that the software automatically detected that blocked the messages, and maybe there was supposed to be some person to read the posts before making them public.  However, such a long time has passed now since my June 20 post that it's inappropriate for the review to take so long, and presumably there's either a software or human error.

    I decided to try posting this message now without including the titles or bodies of my original posts, so that maybe the forum software won't block this message when analyzing the text.  I hope that, if this message isn't blocked, someone will be able to tell me how to ask my initial question so that it is not blocked, or that someone will be able to resolve whatever the problem is that blocked my initial posts for such a long time.


  • You can ask the moderators Acer-Karp or Acer-Manny via a private message why your post was not published.
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • Tim4
    Tim4 Member Posts: 6

    Tinkerer

    My attempted June 20 post on the "Aspire, E and F Series Laptops" forum had the title "Firmware updates for Intel CPU security vulnerabilities for Aspire E5-574G", and my attempted July 10 post, where I asked the same question again, had the title "Firmware updates for Intel CPU security vulnerabilities for Aspire E5-574G (second post)".

    I needed to ask which firmware security updates I should install on my Aspire E5-574G-54Y2 laptop.  There are several shortcomings in how Acer has provided firmware security updates.  My intention with my June 20 post was first to ask what I should do with my own laptop specifically, and I thought I might post again with suggestions for how Acer can improve how it provides firmware security updates, for which I could post in the "Acer Ideas" forum.  (I would have needed to make my initial post longer if I wanted to include the suggestions I have, and the post was already long enough.)

    I haven't installed any firmware updates since posting initially, and I still have the same questions, since Acer hasn't changed the aspects of its security advisories I asked about.  I saved my June 20 post, which I suppose I'll post again here in case someone might respond to the questions:

    I've been looking at Acer's list of Intel CPU security advisories.  I need to ask here which of these firmware security updates are desirable for me to install on my Aspire E5-574G-54Y2 laptop with an i5-6200U CPU, since several aspects of the information in the advisories are unclear.  Until I investigated the MDS vulnerabilities announced last month, I wasn't aware of these security advisories or that I needed to take any measures to install security patches that weren't installed with standard Windows 10 updates.

    I no longer have any of the Acer software installed that came with my laptop, since I had to reinstall Windows 10 in September 2018, so I don't know if the Acer software would have recommended installing any of these security updates.  (Something was so wrong with Windows that even the "Reset this PC" process didn't work, that I tried to reset the operating system in a way that would have included the pre-installed Acer software.  I instead reinstalled Windows with the Windows 10 installation media that didn't include any Acer software.)  I have Windows 10 1809, and I'm waiting to install 1903 until I figure out what to do about the firmware updates.

    There are firmware update files provided for E5-574G laptops on the "Meltdown and Spectre security vulnerabilities" and "Intel Security Vulnerabilities Regarding Intel ME, SPS and TXE" pages in the list of security advisories, but these updates are not included on Acer's web page for the E5-574G model with a list of drivers and other BIOS (UEFI) updates, from when I enter my laptop's serial number or SNID on Acer's driver search page.  The latest BIOS update on that page is 1.18 from 2017/09/21, whereas the Meltdown and Spectre page provides a BIOS update file with version 1.19.  (I currently have 1.10 installed.)  I checked a few models I don't own, and the BIOS versions on the Meltdown and Spectre page for those models are also not included on their driver pages (for instance Aspire E5-573G, E5-575G, E5-576G, and V3-574G, though in some cases later BIOS versions are present on the driver pages).

    Since the 1.19 BIOS update and the firmware updates on the "Intel Security Vulnerabilities Regarding Intel ME, SPS and TXE" page are not included on my laptop's driver page, I feel I need to ask here whether it's safe and desirable for me to install them (and if it matters in which order I install them).  I expect that Acer made a mistake about not including these security updates on the driver pages, but it could instead be that Acer considers them not to be ready or desirable for people to install, and intentionally didn't include them on the driver pages.

    The "SGX Update and Attestation Key Recovery" page shows my E5-574G model but says "To Be Updated" rather than providing a BIOS update file like it does for other models.  Maybe it's supposed to be the 1.18 BIOS update on my model's driver page, which has the title "Update CPU Microcode for Intel SGX security issue."  I probably saw this 1.18 update when I visited the driver page previously but wasn't motivated to install it since there is no written description of what the BIOS updates do to give me enough information to judge the security patch sufficiently important to risk damaging my computer from updating the BIOS.

    My model isn't included in any of the other security advisories, but models with similar names, such as E5-575G, are included in the "Speculative Execution Side-Channel Vulnerabilities L1 Terminal Fault" and "Intel Microarchitectural Data Sampling Vulnerabilities in Modern Processors" pages.  I expect my laptop is affected by both of these vulnerabilities, so I hope Acer is making the effort to provide security updates for my model.  My CPU model is included in Intel's list of models affected by MDS.

    I'll look again after I update the BIOS, but I don't see an option in the BIOS I have installed for disabling hyper-threading.  I suggest providing information for how to disable hyper-threading as part of the MDS advisory.  I saw someone say in another forum that Acer laptops and desktops don't include advanced BIOS settings like other computers do that allow disabling hyper-threading, but now with MDS people need to have the option to disable hyper-threading (to improve security at the expense of CPU performance).
  • Tim4
    Tim4 Member Posts: 6

    Tinkerer

    I need to post to ask which firmware security updates I should install on my Aspire E5-574G-54Y2 laptop, from Acer's list of Intel CPU security advisories or from the laptop's driver page.

    I tried to post on this forum on June 20, with the subject "Firmware updates for Intel CPU security vulnerabilities for Aspire E5-574G", but as but as far as I can tell my post has never been made public.  When I submitted the post on the Acer web page, it gave me a message that there was going to be some sort of review of my post before making it public.  I never received any email about my post, and I don't see my post in the forum when searching for the post's title.  I don't know what happened to my original post, but I hope to receive a response so that I know which security updates to install to patch the security vulnerabilities on my computer.

    I saved my original post, which was:

    I've been looking at Acer's list of Intel CPU security advisories.  I need to ask here which of these firmware security updates are desirable for me to install on my Aspire E5-574G-54Y2 laptop with an i5-6200U CPU, since several aspects of the information in the advisories are unclear.  Until I investigated the MDS vulnerabilities announced last month, I wasn't aware of these security advisories or that I needed to take any measures to install security patches that weren't installed with standard Windows 10 updates.

    I no longer have any of the Acer software installed that came with my laptop, since I had to reinstall Windows 10 in September 2018, so I don't know if the Acer software would have recommended installing any of these security updates.  (Something was so wrong with Windows that even the "Reset this PC" process didn't work, that I tried to reset the operating system in a way that would have included the pre-installed Acer software.  I instead reinstalled Windows with the Windows 10 installation media that didn't include any Acer software.)  I have Windows 10 1809, and I'm waiting to install 1903 until I figure out what to do about the firmware updates.

    There are firmware update files provided for E5-574G laptops on the "Meltdown and Spectre security vulnerabilities" and "Intel Security Vulnerabilities Regarding Intel ME, SPS and TXE" pages in the list of security advisories, but these updates are not included on Acer's web page for the E5-574G model with a list of drivers and other BIOS (UEFI) updates, from when I enter my laptop's serial number or SNID on Acer's driver search page.  The latest BIOS update on that page is 1.18 from 2017/09/21, whereas the Meltdown and Spectre page provides a BIOS update file with version 1.19.  (I currently have 1.10 installed.)  I checked a few models I don't own, and the BIOS versions on the Meltdown and Spectre page for those models are also not included on their driver pages (for instance Aspire E5-573G, E5-575G, E5-576G, and V3-574G, though in some cases later BIOS versions are present on the driver pages).

    Since the 1.19 BIOS update and the firmware updates on the "Intel Security Vulnerabilities Regarding Intel ME, SPS and TXE" page are not included on my laptop's driver page, I feel I need to ask here whether it's safe and desirable for me to install them (and if it matters in which order I install them).  I expect that Acer made a mistake about not including these security updates on the driver pages, but it could instead be that Acer considers them not to be ready or desirable for people to install, and intentionally didn't include them on the driver pages.

    The "SGX Update and Attestation Key Recovery" page shows my E5-574G model but says "To Be Updated" rather than providing a BIOS update file like it does for other models.  Maybe it's supposed to be the 1.18 BIOS update on my model's driver page, which has the title "Update CPU Microcode for Intel SGX security issue."  I probably saw this 1.18 update when I visited the driver page previously but wasn't motivated to install it since there is no written description of what the BIOS updates do to give me enough information to judge the security patch sufficiently important to risk damaging my computer from updating the BIOS.

    My model isn't included in any of the other security advisories, but models with similar names, such as E5-575G, are included in the "Speculative Execution Side-Channel Vulnerabilities L1 Terminal Fault" and "Intel Microarchitectural Data Sampling Vulnerabilities in Modern Processors" pages.  I expect my laptop is affected by both of these vulnerabilities, so I hope Acer is making the effort to provide security updates for my model.  My CPU model is included in Intel's list of models affected by MDS.

    I'll look again after I update the BIOS, but I don't see an option in the BIOS I have installed for disabling hyper-threading.  I suggest providing information for how to disable hyper-threading as part of the MDS advisory.  I saw someone say in another forum that Acer laptops and desktops don't include advanced BIOS settings like other computers do that allow disabling hyper-threading, but now with MDS people need to have the option to disable hyper-threading (to improve security at the expense of CPU performance).


  • Commodore_1995#
    Commodore_1995# ACE Posts: 98,305 Trailblazer
    edited July 2019
    These updates were implemented because some security flaws were discovered in intel processors and could only be corrected by upgrading the motherboard firmware. Some time ago, some users that the spectre and meltdown updates caused their notebook to lose performance. I suggest you run this tool to check if you really need to upgrade the motherboard firmware: https://www.grc.com/inspectre.htm
    The most current version of uefi is version 1.19 posted on the link about meltdown and spectre. However, if your notebook is working properly, I would not update uefi.
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • About mds, what is the exact version of your notebook model? Example an515-51-75kz.
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • I had answered on your other topic.
    Microsoft has released some fixes for spectre and meltdown has also released some fixes for this problem. In addition, Acer has also released the bios update for these issues. However, as I told you earlier, these updates used to slow processor performance, which is why I recommend you download this tool: https://www.grc.com/inspectre.htm
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • Tim4
    Tim4 Member Posts: 6

    Tinkerer

    Thank you for your responses, @egydiocoelho .  I sent @Acer-Karp a private message, as you suggested, yesterday, and received a private message in response informing me that the forum software had mistakenly flagged my posts spam and blocked them from becoming public in the forums.  There are several aspects of how the software malfunctioned that I'll have to explain to Acer so that they can fix the software, where maybe I'll post in the Acer Ideas forum with details.

    @Acer-Karp seems to have made public in the forums yesterday the three posts I had tried to make that had been blocked as spam: my two posts in the "Aspire, E and F Series Laptops" forum and the post in this Welcome Forum thread.  I saw you responded to my "Firmware updates for Intel CPU security vulnerabilities for Aspire E5-574G (second post)" post in the "Aspire, E and F Series Laptops" forum.  However, shortly after you posted those responses, another moderator, @Acer-Harvey, deleted that post, along with your responses, before I was able to read your responses.  I asked @Acer-Harvey to restore the post so that I can read your responses.  Once I can read your responses, I'll post again about the firmware security updates I initially asked about in my posts that had been blocked as spam.

  • OK! However, the answer I gave earlier is basically the same as this post. The spectre and meltdown updates have been released by both microsoft and a bios update. The problem is, some models have lost performance and that's why I ask you to download the inspectre tool.
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :)