Skip to main content

Motherboard Vendors Release BIOS Updates For Spectre (Updated)

Updated, 1/18/2018, 6:00am PT: ASRock said in a statement that it's "aware that the current Intel microcode version might be defected by security vulnerabilities" and is "working closely with Intel to fix and update new BIOS for ASRock 100/200/Z370/X299 series motherboards." You can find these BIOS updates on the company's website. MSI also released updates for its Vortex and VR One series laptops. You might want to wait to  install these updates, however, because Intel has warned that they can cause problems with many of its recent CPUs

Updated, 1/12/2018, 1:00pm PT: Gigabyte joined the list of vendors offering BIOS updates to their customers to address the Spectre vulnerabilities. Despite originally saying its products weren't vulnerable to Spectre Variant 2, AMD also joined that list by releasing patches to address both variants of Spectre.

Original, 1/11/2017, 10:55am PT:

BIOS updates to address the Spectre vulnerability have begun rolling out from the major motherboard OEMs.

Patches and updates for Meltdown/Spectre vulnerabilities continue to trickle in. Due to there actually being multiple vulnerabilities, each of which requires different fixes, and patches not always saying which vulnerability they address, it can be hard to know if you’re fully protected.

When the issue first broke, Intel said that CPU microcode (BIOS) updates would be required in addition to software patches. The company later said it had released the updates, but it wasn’t clear in what form users would receive them nor what vulnerability they were for. AMD, being invulnerable to Meltdown, said that it was still vulnerable to one of the vulnerabilities in Spectre, but it had not issued any updates.

To clear the air on all this before we get any further, we defer to the table below from Microsoft.

Only Variant 2, one of the two vulnerabilities that make up Spectre, requires a CPU microcode update. Variant 2 is also the vulnerability that AMD has said it is most likely not vulnerable to, thus the company has not issued any updates.

The only required BIOS updates are to address Variant 2 for Intel CPUs. If your Intel machine is from a system OEM, look for the updates to come from that manufacturer, most of which are linked here. DIY builders are, as usual, left waiting for motherboard OEMs to release updates

To that end, the first few are beginning to trickle in. Asus was the first to address the issue. MSI has also just released their first updates. We searched for updates from Gigabyte, ASRock, and EVGA, but didn’t find anything yet. We’ve reached out to them on the status of their updates and will update this post with their response.