cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Community SeniorMod
Community SeniorMod
Posts: 3,401
Registered: ‎12-01-2007
Location: US
Views: 953
Message 21 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

Hello,

 

Lenovo has a lot of different models which is still needs to validate the microcode updates on, so even though your model isn't currently listed, it may appear in a future update of the LEN-18282 security advisory, as that's been getting updated every couple of days this month.

 

Regards,

 

Aryeh Goretsky

 



I am a volunteer and neither a Lenovo nor a Microsoft employee.

L380 YogaP72 (20MB-*)P50 (20EN-*)S230u (3347-4HU)T23 (2648-LU7)T42 (2378-R4U)T43p (2678-H7U)T61p (6459-CTO)W510 (4318-CTO)W530 (2441-4R3)W530 (2441-4R3)X100e (3508-CTO)X120e (0596-CTO)X220 (4286-CTO)X250 (20CM-*)Yoga 370

  Communities:   English    Deutsche    Español    Português    Русскоязычное    Česká    Slovenská    Українська   Język Polski    Moto English

peredzhny
Fanfold Paper
Posts: 25
Registered: ‎01-23-2018
Location: FR
Views: 898
Message 22 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

After several updates, this model is ignored again.

 

Lenovo does not acknowledge that this model exists and needs attention? Did we buy a bunch of fakes?

treysis
Punch Card
Posts: 47
Registered: ‎03-01-2017
Location: DE
Views: 882
Message 23 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

It's really a shame! Not even the Pro model is listed. If at least the BIOS was not digitally signed, so that we could mod the BIOS ourselves.

 

But that's what you get for thinking Lenovo is the industry leader. In fact, now they are worse than Dell, HP, and all the other premium brands. I'd really like to use swear words here...

AndyU
Ctrl-Alt-Del
Posts: 8
Registered: ‎06-29-2014
Location: RU
Views: 875
Message 24 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

It will very useful to collect and publish statistics, how quickly different computer companies patch BIOS'es of their models, including old. Many people will use this information to decide, which laptop or MB to buy. I hope, that anyone will implement this idea. Later or sooner.
Community SeniorMod
Community SeniorMod
Posts: 3,401
Registered: ‎12-01-2007
Location: US
Views: 849
Message 25 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

Hello,

 

Funny you should mention that, as I actually do something like that as part of my day job.  I published an article at work where I've been tracking the various responses from vendors to the Spectre and Meltdown vulnerabilities.  Currently, there are 319 entries listed for vendors, and 39 for industry and government agencies around the world.  Personally, I am quite happy with how Lenovo is handling things, especially when compared to, say, Dell or HP.

 

Regards,

 

Aryeh Goretsky

 

 


@AndyU wrote:
It will very useful to collect and publish statistics, how quickly different computer companies patch BIOS'es of their models, including old. Many people will use this information to decide, which laptop or MB to buy. I hope, that anyone will implement this idea. Later or sooner.

 



I am a volunteer and neither a Lenovo nor a Microsoft employee.

L380 YogaP72 (20MB-*)P50 (20EN-*)S230u (3347-4HU)T23 (2648-LU7)T42 (2378-R4U)T43p (2678-H7U)T61p (6459-CTO)W510 (4318-CTO)W530 (2441-4R3)W530 (2441-4R3)X100e (3508-CTO)X120e (0596-CTO)X220 (4286-CTO)X250 (20CM-*)Yoga 370

  Communities:   English    Deutsche    Español    Português    Русскоязычное    Česká    Slovenská    Українська   Język Polski    Moto English

AndyU
Ctrl-Alt-Del
Posts: 8
Registered: ‎06-29-2014
Location: RU
Views: 852
Message 26 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

Aryeh,

 

Official responses can differ from the real activity. So (at least for me) the plots with dependencies of percentage of patched BIOS'es on model year and/or CPU, possibly separate for different model groups (top, intermediate, bottom level, corporate segment etc.) will be more informative and useful. There are many specialists in web scraping, volume of data to extract from each site is not very big...

 

 

peredzhny
Fanfold Paper
Posts: 25
Registered: ‎01-23-2018
Location: FR
Views: 831
Message 27 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

My experience: our business machines from Dell and HP have all been patched. Dell is fastest for us.

 

Lenovo, not responsive

treysis
Punch Card
Posts: 47
Registered: ‎03-01-2017
Location: DE
Views: 818
Message 28 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

Same for me. Dell first, then (shortly after) HP. Lenovo still waiting. Not even acknowledged...

peredzhny
Fanfold Paper
Posts: 25
Registered: ‎01-23-2018
Location: FR
Views: 737
Message 29 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

Wow.   All our Dells are patched.   For the Lenovos of this model, even acknowledgement of problem is not coming from support.

peredzhny
Fanfold Paper
Posts: 25
Registered: ‎01-23-2018
Location: FR
Views: 660
Message 30 of 55

Re: Yoga 2 13 20344 Spectre vulnerability BIOS update

Another week goes by with no acknowledgement or action by Lenovo. Contacting support was fruitless.

 

Will continue to update here and shame Lenovo.

Check out current deals!


Shop current deals

Top Kudoed Authors