Originally Posted by nodezero
as far as I know the updates that mitigated zombieload and other subsequent mds exploits were pushed by Windows, and the bios update from Asus then mitigates (as much as possible) the performance hit that resulted fromthe Windows updates. this is actually what 3803 did by re-enabling the overclock that many lost as a result of the previous Windows spectre/meltdown updates.
I got the impression that you needed the BIOS CPU Microcode updates to after reading https://portal.msrc.microsoft.com/en...sory/ADV190013
. This suggests checking your mitigation status (of the Specter-like things) by running a program in Powershell (See https://support.microsoft.com/en-us/...ngs-powershell
Running that program on my X99-E WS USB/3.1 with BIOS 3803 seems to say that L1TF is mitigated, but MDS/Zombieload is not:
Speculation control settings for CVE-2018-3620 [L1 terminal fault]
Hardware is vulnerable to L1 terminal fault: True
Windows OS support for L1 terminal fault mitigation is present: True
Windows OS support for L1 terminal fault mitigation is enabled: True
Speculation control settings for MDS [microarchitectural data sampling]
Windows OS support for MDS mitigation is present: True
Hardware is vulnerable to MDS: True
Windows OS support for MDS mitigation is enabled: False"
I have no idea if the 3901 BIOS update (which I assume would allow MDS protection) also somehow increases performance compared to 3803 (without MDS protection) though. The 3901 BIOS description claims some type of improved system performance, but doesn't seem to make it clear where this would be expected.
Also, I did see that a recent Windows 10 update has enabled 'retpoline' mitigation (at least for my CPU) for an older flaw. This appears to be faster than what they used to do before:
BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
BTIKernelRetpolineEnabled : True