Dismiss Notice
Some Razer services have been impacted due to the unique circumstances COVID-19 has created. We apologize for any inconvenience and appreciate your understanding during this critical time.

Meltdown vulnerability

Discussion in 'Systems' started by boczkovsky, Jan 4, 2018.

Thread Status:
Not open for further replies.
  1. boczkovsky

    boczkovsky New Member

    Any official comment on Meltdown Intel vulnerability from Razer Team?
    Really looking forward to see your solution to this problem and how it will affect your products
    Link to the website that is describing everything: https://meltdownattack.com/
    Edit #1: Forgot to add the link
     
    tamashumi, pancholr and DestaKhoo like this.
  2. eugenex6o4

    eugenex6o4 Active Member

    That.. was a scary read. Surprised I didn't read about this sooner... knowledge is power but there's still so much to learn and be aware of.
     
  3. mechapathy

    mechapathy New Member

    lol Razer doesn't patch things. SA-00086 is still unpatched, and outside of a post on the first thread about it stating they had a patch (which isn't true, thread was locked after), they haven't even acknowledged it. Don't hold your breath on this.
     
  4. FiszPL

    FiszPL Well-Known Member

    Razer has nothing to do with these vulnerability. It's Intel's fault (they failed at hardware level, when designing CPU). To fully fix it - CPU need to be replaced (but there's no improved revision at the moment). "Workaround" patches will be available through OS (Windows / Linux / OS X).
     
    Destrok and H00dy like this.
  5. mo-iro

    mo-iro Active Member

    Windows 10 patch is live, and razer has nothing to do to correct, once it's a cpu problem
     
    Last edited: Jan 4, 2018
  6. That is simply not true according to https://www.theverge.com/2018/1/4/16848976/how-to-protect-windows-pc-meltdown-security-flaw

    Quote:

    "A firmware update from Intel is also required for additional hardware protection, and those will be distributed separately by OEMs. It’s up to OEMs to release the relevant Intel firmware updates, and support information for those can be found at each OEM support website. If you built your own PC you’ll need to check with your OEM part suppliers for potential fixes"

    While it definitely is Intel's fault, Razer still needs to work with them to release a firmware to patch this up. This point should not be missed as this is one of the biggest security issues at the moment.
     
    Last edited by a moderator: Jan 16, 2018
  7. FiszPL

    FiszPL Well-Known Member

    Nope, noone released firmware for this vulnerabilities (I mean the big players: Dell, Lenovo, HP etc..). Everyone are waiting for OS patch/fix, which is working (probably), but there will be some CPU slowdown.
     
    H00dy likes this.
  8. PlatinumC

    PlatinumC Active Member

    Spuuky stuff

    I'm already paranoid enough lol.
    Like the saying goes - just because you are paranoid, doesn't mean, they are not out to get you.
     
    Last edited by a moderator: Jan 4, 2018
    vistar likes this.
  9. Pentalobe

    Pentalobe Active Member

    Unlike the Intel SA-00086 ME vulnerability, these bugs (meltdown and spectre) have really been blown out of the water by the press for no good reason. The OS makers are already working on a fix, and I'm sure webbrowsers etc are also going to be making changes. It requires some real carelessness on the user's part to get malicious code running on your machine in the first place.

    There isn't anything Razer or Intel and do about changing speculative execution behavior, short of designing a CPU fundamentally different from the way CPUs have been designed going all the way back to the 90s.

    Unless you are a cloud hosting provider, or enjoy executing strange javascript from sketchy websites, there isn't much to worry about.

    Although I'm definitely looking forward to next week's episode of Steve Gibson's Security Now podcast, much more than normal.
     
  10. RazerSapiyo

    RazerSapiyo Community Staff Member

    Hi @mechapathy, have you contacted our support teams for the patch? I've double checked personally and the SA-00086 patch is available. Drop me a PM if you are having troubles getting it.
     
    freakydoctor likes this.
  11. Wontollaz

    Wontollaz Active Member

    Hello.

    I've applied the SA-00086 patch yesterday, I think it should be announced in Synapse because you have to dig in the forums to find it, BTW any news about Meltdown & Spectre fix?.
     
    sht0rm likes this.
  12. Trinetra27

    Trinetra27 New Member

    bowiescompanda, vistar and Wontollaz like this.
  13. bowiescompanda

    bowiescompanda Active Member

    Thank you @Trinetra27. Kind of pathetic that you have to dig through the forums for stuff like this. Can't wait to find the Meltdown and Spectre fix in 5 months on some random 2-month old post in the LoL section....
     
    Assartien likes this.
  14. anomaly256

    anomaly256 New Member

    Intel have released a microcode update which adds instructions that help mitigate Meltdown and Spectre without as much of a performance penalty as the software-only approaches being applied by Microsoft and Linux. Without this microcode update, people will notice worse performance in all operating systems. Since this is gamer hardware and gamers care about performance, I believe it would be incredibly silly for Razer not to provide a BIOS update to include this microcode. (Ps: Razer: Add the Infineon TPM firmware update to your new bios images, as well as the ME firmware update k thx)

    [edit:] nb: It should be noted that these operating systems have a method of loading microcode during boot, however setting this up at least on Linux can be tricky for less experienced users. Further more in the past there have been problems with microcode updates being applied after glibc based code has begun to run, namely the microcode update that fixed the TXT issue caused many systems to crash unless deployed in the bios directly. I'm noting this so Razer don't try to claim 'but OSes already include the fix' - this isn't necessarily true or desirable compared to baking it in to a BIOS update directly
     
  15. Another customer here interested in the fix. Waiting patiently for microcode updates. I'll add to the chime of: "no, it's not fixed until the microcode is updated". Yes, there are software workarounds but they hurt more than when part of the fix is implemented on the processor itself. It probably won't matter to most games, but not everybody who buys a rbs or similar is using it for gaming.
     
    vistar likes this.
  16. dedreiix

    dedreiix Member

    Again Razer does not active inform their customers about issues and / or bugfixes.

    This is so disapointing. :-(
     
  17. figrin1

    figrin1 Well-Known Member

    Is it Razer's responsibility to notify customers about an issue created by Intel and which can only be addressed by the OS manufacturer (and which has automatically been patched by that OS manufacturer)?
     
  18. vistar

    vistar Active Member

    Sorry, but a microcode update is needed also, provided by the OEM.
    [​IMG]
     
    sht0rm likes this.
  19. dedreiix

    dedreiix Member

    Yes it is. Because they are selling the product and they are responsible for issues like this.
    At least they could actively inform their customers about the issues and risks that can be caused by those vulnerabilities. This would be great customer care.
     
    Pentalobe and sht0rm like this.
  20. Pentalobe

    Pentalobe Active Member

    Last edited by a moderator: Feb 1, 2018
    vistar likes this.
Thread Status:
Not open for further replies.
Sign In with Razer ID >


Don't have a Razer ID yet?
Get Razer ID >