Should I have intel-microcode installed if my UEFI/BIOS is regularly updated (new machine)?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
Hardware: Dell Inspiron 15 Gaming 7577, model number 7577-92774 (new machine).
System: I am testing Linux Mint 19 Beta based on Ubuntu 18.04.
I have an Intel Kaby Lake CPU: Intelé Core⢠i7-7700HQ CPU @ 2.80GHz (Ark Intel).
I am curious as to what advantages / disadvantages an installed intel-microcode
package has, if I regularly update my UEFI/BIOS; the latest update was on 13 Jun 2018.
I also regularly check for vulnerabilities with the help of spectre-meltdown-checker
from GitHub.
Its output is the same as with or without intel-microcode
installed (I rebooted after de-/installation before each check):
So, I suppose from the security standpoint I am covered, at the time of writing at least.
What I am unsure of, are other aspects, like performance or stability with or without the package.
Please add as much detail as possible. Thank you.
linux security performance intel stability
add a comment |Â
up vote
1
down vote
favorite
Hardware: Dell Inspiron 15 Gaming 7577, model number 7577-92774 (new machine).
System: I am testing Linux Mint 19 Beta based on Ubuntu 18.04.
I have an Intel Kaby Lake CPU: Intelé Core⢠i7-7700HQ CPU @ 2.80GHz (Ark Intel).
I am curious as to what advantages / disadvantages an installed intel-microcode
package has, if I regularly update my UEFI/BIOS; the latest update was on 13 Jun 2018.
I also regularly check for vulnerabilities with the help of spectre-meltdown-checker
from GitHub.
Its output is the same as with or without intel-microcode
installed (I rebooted after de-/installation before each check):
So, I suppose from the security standpoint I am covered, at the time of writing at least.
What I am unsure of, are other aspects, like performance or stability with or without the package.
Please add as much detail as possible. Thank you.
linux security performance intel stability
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
Hardware: Dell Inspiron 15 Gaming 7577, model number 7577-92774 (new machine).
System: I am testing Linux Mint 19 Beta based on Ubuntu 18.04.
I have an Intel Kaby Lake CPU: Intelé Core⢠i7-7700HQ CPU @ 2.80GHz (Ark Intel).
I am curious as to what advantages / disadvantages an installed intel-microcode
package has, if I regularly update my UEFI/BIOS; the latest update was on 13 Jun 2018.
I also regularly check for vulnerabilities with the help of spectre-meltdown-checker
from GitHub.
Its output is the same as with or without intel-microcode
installed (I rebooted after de-/installation before each check):
So, I suppose from the security standpoint I am covered, at the time of writing at least.
What I am unsure of, are other aspects, like performance or stability with or without the package.
Please add as much detail as possible. Thank you.
linux security performance intel stability
Hardware: Dell Inspiron 15 Gaming 7577, model number 7577-92774 (new machine).
System: I am testing Linux Mint 19 Beta based on Ubuntu 18.04.
I have an Intel Kaby Lake CPU: Intelé Core⢠i7-7700HQ CPU @ 2.80GHz (Ark Intel).
I am curious as to what advantages / disadvantages an installed intel-microcode
package has, if I regularly update my UEFI/BIOS; the latest update was on 13 Jun 2018.
I also regularly check for vulnerabilities with the help of spectre-meltdown-checker
from GitHub.
Its output is the same as with or without intel-microcode
installed (I rebooted after de-/installation before each check):
So, I suppose from the security standpoint I am covered, at the time of writing at least.
What I am unsure of, are other aspects, like performance or stability with or without the package.
Please add as much detail as possible. Thank you.
linux security performance intel stability
edited Jun 22 at 3:51
asked Jun 21 at 4:08
Vlastimil
6,2511146115
6,2511146115
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
2
down vote
accepted
TL;DR
Unless you have an uncommon reason, yes, you should have it installed.
Long answer
The public intel-microcode
distribution package is very low-risk, and after the issues with the first round of Spectre fixes, Intel has been even more conservative at pushing fixes to that distribution.
That means it is a good second-layer of safety to have it installed and up-to-date, in case your UEFI/BIOS starts getting outdated for whatever reason.
It is fact that it will become relevant sooner or later when your system vendor starts getting sloppy at updating the firmware because your system is not being sold anymore, etc.
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
accepted
TL;DR
Unless you have an uncommon reason, yes, you should have it installed.
Long answer
The public intel-microcode
distribution package is very low-risk, and after the issues with the first round of Spectre fixes, Intel has been even more conservative at pushing fixes to that distribution.
That means it is a good second-layer of safety to have it installed and up-to-date, in case your UEFI/BIOS starts getting outdated for whatever reason.
It is fact that it will become relevant sooner or later when your system vendor starts getting sloppy at updating the firmware because your system is not being sold anymore, etc.
add a comment |Â
up vote
2
down vote
accepted
TL;DR
Unless you have an uncommon reason, yes, you should have it installed.
Long answer
The public intel-microcode
distribution package is very low-risk, and after the issues with the first round of Spectre fixes, Intel has been even more conservative at pushing fixes to that distribution.
That means it is a good second-layer of safety to have it installed and up-to-date, in case your UEFI/BIOS starts getting outdated for whatever reason.
It is fact that it will become relevant sooner or later when your system vendor starts getting sloppy at updating the firmware because your system is not being sold anymore, etc.
add a comment |Â
up vote
2
down vote
accepted
up vote
2
down vote
accepted
TL;DR
Unless you have an uncommon reason, yes, you should have it installed.
Long answer
The public intel-microcode
distribution package is very low-risk, and after the issues with the first round of Spectre fixes, Intel has been even more conservative at pushing fixes to that distribution.
That means it is a good second-layer of safety to have it installed and up-to-date, in case your UEFI/BIOS starts getting outdated for whatever reason.
It is fact that it will become relevant sooner or later when your system vendor starts getting sloppy at updating the firmware because your system is not being sold anymore, etc.
TL;DR
Unless you have an uncommon reason, yes, you should have it installed.
Long answer
The public intel-microcode
distribution package is very low-risk, and after the issues with the first round of Spectre fixes, Intel has been even more conservative at pushing fixes to that distribution.
That means it is a good second-layer of safety to have it installed and up-to-date, in case your UEFI/BIOS starts getting outdated for whatever reason.
It is fact that it will become relevant sooner or later when your system vendor starts getting sloppy at updating the firmware because your system is not being sold anymore, etc.
edited Jul 15 at 17:03
Vlastimil
6,2511146115
6,2511146115
answered Jun 21 at 10:55
anonymous
462
462
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f451012%2fshould-i-have-intel-microcode-installed-if-my-uefi-bios-is-regularly-updated-ne%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password