[SOLVED] Intel CPU new vulnerabilities. Help.

[Deleted member 2316159]

Hi, i have an i5-9600k and an ASUS Maximus Hero XI WiFi mobo and i'm aware of the latest vulnerabilities of intel cpu's. I updated the ME, i installed the last cumulative update for windows and i'm waiting for the microcode update (BIOS). Here's how's my system right now. If i update the bios when its released, will i be fine? Or do i have another vulnerabilities? If so, can you tell me how to patch them? Thanks.

Here's the powershell check:

Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: False

Speculation control settings for CVE-2018-3639 [speculative store bypass]

Hardware is vulnerable to speculative store bypass: True
Hardware support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is enabled system-wide: True

Speculation control settings for CVE-2018-3620 [L1 terminal fault]

Hardware is vulnerable to L1 terminal fault: False

Speculation control settings for MDS [microarchitectural data sampling]

Windows OS support for MDS mitigation is present: True
Hardware is vulnerable to MDS: True
Windows OS support for MDS mitigation is enabled: False

BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
BTIKernelRetpolineEnabled : False
BTIKernelImportOptimizationEnabled : False
KVAShadowRequired : False
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False
SSBDWindowsSupportPresent : True
SSBDHardwareVulnerable : True
SSBDHardwarePresent : True
SSBDWindowsSupportEnabledSystemWide : True
L1TFHardwareVulnerable : False
L1TFWindowsSupportPresent : True
L1TFWindowsSupportEnabled : False
L1TFInvalidPteBit : 0
L1DFlushSupported : True
MDSWindowsSupportPresent : True
MDSHardwareVulnerable : True
MDSWindowsSupportEnabled : False

And here is a link for the image of MDSTool and the active vulnerabilities.

https://www.techpowerup.com/forums/attachments/untitled-jpg.123292/

 

[rgd1101]

Or do i have another vulnerabilities?

don't know. they might find more new one.

 

[Deleted member 2316159]

don't know. they might find more new one.

Thanks for your answer. What i asked if i am protected of the older ones, and the only one i have now is the new one. Thanks again!

 

[NightHawkRMX]

In reality, if you keep your antivirus up to date and make sure you don't download anything fishy, you will be unlikely to fall victim to one of these vulnerabilities.

I would mainly be worrying about the performance hits from these mitigations.

 

[Deleted member 2316159]

In reality, if you keep your antivirus up to date and make sure you don't download anything fishy, you will be unlikely to fall victim to one of these vulnerabilities.

I would mainly be worrying about the performance hits from these mitigations.

Do you know if i am safe for other vulnerabilities (according to my image in the link) except the new mds one?