i saw that my laptop manufacturer released a week ago a bios update concerning Intel vulnerabilities(not system stability).
i was wondering if the intel-ucode package i have takes care of those,and is it done automatically with Manjaro updates?
ucode is not the same as BIOS firmware.
The ucode is a special firmware for the CPU, while the BIOS firmware is the firmware for your motherboard.
so does ucode patches those intel vulnerabilities but it’s not permanent?
If what you said is true:
then only a BIOS update will fix that.
Many mitigations can be done in ucode, but BIOS is where it should get it’s real fix.
is there an easy and secure way to update the bios in Linux?
i looked around and it seems quit the process and kind of risky(for example the Fwud arch wiki page).
i suppose I’m better of just do it in windows when the opportunity arise(e.g manjaro needs a reinstall).
even though I’ll probably skip this update as it doesn’t seem to concern performance and as i understand those Intel vulnerabilities are more theoretical than a real threat for the average user and manufacturers release those bios updates since they must.(and it slows down the CPU at each patch).
Well, there is always some amount of risk when changing anything at hardware level.
My first suggestion would be to check if the manufacturer provides an OS-independent update process – like writing the new BIOS version on an USB drive, which could be detected and installed directly from BIOS.
it seems they have the “BIOS for ASUS EZ Flash Utility " which does everything in the bios, and watchig their video tutorial it seems quit painless,so that’s great news
anyhow I’ll probably wait quit a bit before(if at all) attempting it; 7days from release is to soon,especially that according to them,” It is not allowed to downgrade the BIOS version."
for further reference: