Back when the Spectre and Meltdown vulnerabilities came to light, we had a spirited discussion after work about the mitigations. On some systems, The mitigations required a BIOS update. My boss asked, who updates their BIOS? Fair question. So should you update your BIOS?
I said I wanted to start using that as a job interview question. I could be convinced either way, but I want someone to be able to defend their answer. So let’s go over the pros and cons of updating your BIOS.
What’s the benefit of updating your BIOS?
I’m not asking the question rhetorically. If you don’t know what the benefit is of applying an update, That’s a good sign you might not need to be messing with it. BIOS code doesn’t change very frequently, or at least it shouldn’t.
If your system is having a problem, or there’s some new hardware that your BIOS doesn’t support but a new version does, then go ahead. I wouldn’t be too surprised if you contacted support with an issue and one of their first questions is whether you’re running the newest BIOS. Back when I was a systems administrator and needed to call Dell, they wouldn’t even talk to me if I wasn’t running the newest BIOS. The problem was never the BIOS, it was the crap capacitors they were using at the time, or the junk Intel P4 CPUs of the time, but they always hid behind the BIOS. So you may have to do it to get past the take two aspirins and call me in the morning answer.
On vintage systems, a newer BIOS can help compatibility issues, especially with newer hardware. On newer systems, the benefit is sometimes less tangible.
What is the BIOS?
BIOS stands for basic input output system. It provides the low-level code that sits between the hardware and the operating system. It allows you to do the initial setup of the hardware, and provides the code necessary to load and operating system. Every BIOS is computer-specific, and reverse engineering IBM’s BIOS was the key to the modern computer industry. The first season of the TV show Halt and Catch Fire dramatized this this otherwise mundane subject.
Modern operating systems don’t make much use of the BIOS once they are loaded.
In the old days, the BIOS was on a ROM chip, and updating it required prying out the old ROM chip and plugging in a new one. The process was about the same as swapping a CPU. And it could be expensive too. A MR BIOS cost $100. Needless to say, you almost never did it.
In the mid 1990s, they started putting the BIOS on EEPROM chips, which meant it could be updated through software. Updating your BIOS became much more common after that. But it was still something you didn’t update All that often.
The risks of updating your BIOS
I don’t update my BIOS all that often. The reason is if something goes wrong when programming the chip, the system can no longer boot. The main thing that can cause problems is a power outage, so it is rare, but not zero. To take a risk, I need to be getting something out of it.
Recovering from a failed update requires swapping a chip. Hopefully that chip is socketed. On some boards, there is a second backup BIOS in case something goes wrong. But it’s better to know before you need it if there is a backup or not.
The difficulty of recovering from a bad BIOS update is why I don’t recommend casual BIOS updates. We also don’t get them nearly as frequently as operating system updates. At least not on quality or mature hardware. If you are seeing a BIOS update every month, something is horribly wrong. Even once a year seems excessive.
Should I update my BIOS: in conclusion
So should I update my BIOS? Keeping systems up to date is literally what I do for a living in my day job. But the risks from a bios update are somewhat higher. If you’re getting something out of it, then updating your BIOS is better than going without. But it’s not something worth obsessing over. And it’s certainly not something to do just because you’re bored. I hate to say that BIOS updates are overrated, but on new systems, that’s not unfair.