I am making this due to seeing many mis-informed users that are engaging in dangerous practices.
Microcode updates should ALWAYS be installed unless you are an expert user and have repeatedly verified that your CPU doesn't require them and you are prepared for the risks which include for instance on the piledriver CPU's (opteron 63xx/43xx and the G505S's laptop cpus) a userland to root exploit, a broken IOMMU and a timer issue that means games and certain applications don't work properly. Unfortunately x86 is stuck with non owner controlled undocumented proprietary microcode updates and in the case of intel they are encrypted for some reason - AFAIK only POWER has owner controlled microcode. Despite this it is still a good idea to install them - I do on my coreboot computers and thus I don't ruin my security for no good reason. NOTE: For microcode embedding in coreboot to work you must check both the "generate microcode update from tree" option and the "use non-free blob repo" option - doing the first but not the second will result in a silent fail.
0xDF372A17.asc
Description: application/pgp-keys
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
