News Stay informed about the latest enterprise technology news and product updates.

Intel's Spectre microcode patch not coming for older chips

No Spectre microcode patches will be coming for older Intel processors, but the newest generation of Intel CPUs will have mitigations built in when they ship later this year.

New Intel guidance confirms hundreds of older chips will not receive the latest Spectre microcode patch, while...

the newly announced Core i9 CPU will have the Spectre fix by default.

According to a new guidance report, the development of Intel microcode patches for Spectre and Meltdown will be "stopped" for approximately 12 different CPU families, covering more than 230 processor models. Intel said the reasons for halting progress on the patches were a combination of the "micro-architectural characteristics" of the CPUs preventing the implementation of a patch, limited software support for the devices and the likelihood of exposure potentially being lower for the affected systems.

Intel asserted that customers generally use the affected chips in "closed systems," which would not be at risk to the Meltdown and Spectre malware that has been seen in the wild.

The CPUs that aren't scheduled to receive the Spectre Intel microcode patch for variant 2 of the vulnerability are generally older -- most were released between 2007 and 2011 -- but the age of the chips doesn't appear to be a deciding factor. Previous patches for variant 2 of Spectre, which involves branch target injection, were pulled earlier this year after customers reported reboot issues. Five other Intel CPU families originally released in 2009 and 2010 -- Arrandale, Clarkdale, Lynnfield, Nehalem and Westmere -- do have Spectre patches in production, according to the guidance.

"We've now completed release of microcode updates for Intel microprocessor products launched in the last nine-plus years that required protection against the side-channel vulnerabilities discovered by Google Project Zero," an Intel spokesperson told SearchSecurity. "However, as indicated in our latest microcode revision guidance, we will not be providing updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback."

Coffee Lake and future Spectre mitigations

In addition to working on the Spectre microcode patch for older CPUs, Intel has been ensuring new chips are protected, as well. On April 3, Intel announced the eighth generation of Core i9 CPUs, Coffee Lake, which will ship with Spectre mitigations.

The new Coffee Lake chips will ship with software and firmware updates to mitigate against Spectre and Meltdown, but a source close to Intel said these protections are similar to the previous microcode patches and are not to be confused with forthcoming CPUs that have hardware-level changes to protect against Spectre and Meltdown attacks.

Those CPUs are not due to be released until the second half of 2018 and will include hardware changes to mitigate variant 2 of Spectre. They will still require a Spectre microcode patch to protect against variant 1 of the vulnerability.

Dig Deeper on Microsoft Patch Tuesday and patch management

Join the conversation

4 comments

Send me notifications when other members comment.

Please create a username to comment.

What do you think about how Intel has handled the Spectre microcode patches?
Cancel
I honestly think that Intel did this "Spectre" and "Meltdown" reveal and patches (or withholding of patches) in order to push people to get rid of their old, yet still fully functional systems. It's all about money with Intel.

The way they did this is dirty and underhanded.
Cancel
While I'm normally skeptical, the sheer number of chips that Intel has committed to patch -- or has already patched -- makes me less likely to believe that in this case.
Cancel
I see. How far back are they going? I don't believe it was clear from the article...or I just missed it
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close