Intel Microcode Bootloader : Protection Against the Spectre Vulnerability

In the January of the year 2018, two shocking vulnerabilities in the Intel processors were revealed to the public. These vulnerabilities, Meltdown and Spectre, affect Intel processors manufactured between the year 1995 and early 2018. The Meltdown vulnerability was fixed by operating system updates but Spectre vulnerability needs updating the BIOS firmware. For the update of BIOS firmware you are dependent on the motherboard manufacturers but they release the firmware updates for their newest motherboards only. If you are stuck with an older motherboard and want to fix the Spectre vulnerability, then you can use the Intel Microcode Bootloader.

Intel Microcode Bootloader is a custom bootloader with microcode patches to fix the Spectre vulnerability for all the Intel processors released so far by Intel. You are supposed to create a bootable USB pen drive using this tool and use this pendrive to boot into Windows. This way Windows is loaded with the appropriate microcodes and thus Spectre vulnerability is mitigated without having to actually update the firmware.

Before jumping up and using this tool, first ensure that you really need it. Perhaps your PC is already patched and you don’t need to take extra steps. For checking whether your Windows PC is protected against Meltdown and Spectre, you can use the InSpectre tool. This portable tool works on all versions of Windows. For example, my test PC running Windows 10 version 1809 is well protected from Meltdown and Spectre and does not need anymore protections.

Microcode Bootloader

If your PC is not protected against the Spectre vulnerability, then you can do use the Intel Microcode Bootloader in the following manner:

  1. Format a USB pendrive with FAT32 partition.
  2. Download IntelMicrocodeBootLoader.zip from https://www.ngohq.com/intel-microcode-boot-loader.html
  3. Extract the contents of IntelMicrocodeBootLoader.zip to the pendrive.
  4. Run Install.exe from the pendrive and make the pendrive bootable.Microcode Bootloader
  5. Reboot PC and press F2 or Del to open the BIOS.
  6. In the BIOS, change first boot device to be the USB pendrive and choose legacy boot mode.
  7. Save BIOS and reboot.

Now when your PC boots, it will boot using the attached USB pendrive and will use the microcode patch. This workaround will keep your Windows PC protected against the Spectre vulnerability. However, you must use the bootable USB pendrive every time you start your PC.

Leave a Reply

Your email address will not be published. Required fields are marked *