Intel releases new Spectre microcode updates for some affected processors

Intel has provided a new update on the Spectre patch situation.

Intel Spectre microcode updates

Skylake fix ready, others to follow

“Earlier this week, we released production microcode updates for several Skylake-based platforms to our OEM customers and industry partners, and we expect to do the same for more platforms in the coming days,” Navin Shenoy, general manager of the Data Center Group at Intel Corporation, has announced on Wednesday.

“We also continue to release beta microcode updates so that customers and partners have the opportunity to conduct extensive testing before we move them into production. Ultimately, these updates will be made available in most cases through OEM firmware updates.”

(The current situation regarding Spectre patches, i.e., released microcode, is easy to quickly grasp from this document.)

Intel’s microcode updates released in the aftermath of the public revelation of the Meltdown and Spectre flaws came quickly, but they turned out to cause crashes and reboots on systems based on Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors.

Intel reacted by advising customers to hold off on deploying current versions of the firmware updates that include those microcode patches, and some OEMs followed its lead by pulling the updates and offering updates that remove the destructive microcode.

What now?

Now that Intel has shipped new microcode updates, it expects OEMs to push out new firmware again and urges users to implement them as soon as possible.

“I can’t emphasize enough how critical it is for everyone to always keep their systems up-to-date. According to the Department of Homeland Security’s cyber-emergency unit, US-CERT, as many as 85 percent of all targeted attacks can be prevented with – among other things – regular system updates,” Shenoy noted.

“This is especially top-of-mind because new categories of security exploits often follow a similar lifecycle. This lifecycle tends to include new derivatives of the original exploit as security researchers – or bad actors – direct their time and energy at it. We expect this new category of side channel exploits to be no different.”

I expect most users will be wary of applying the new updates immediately – they might wait to see how they perform on other users’ computers first.

But, with AV-TEST reporting the detection of many malware samples that appear to be related to the Meltdown and Spectre vulnerabilities, you shouldn’t wait too long.