Intel will not provide Spectre/Meltdown microcode updates for some processor families
Intel has decided not to provide microcode updates to plug Spectre and Meltdown vulnerabilities in a number of older processors.
According to the last update (April 2, 2018) of the “Microcode Revision Guidance,” Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0 and E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale, Wolfdale Xeon, Yorkfield, and Yorkfield Xeon families of processors will not receive the updates. (Most of these “abandoned” CPUs are older products no longer in production.)
“After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons,” the company noted.
The reasons include micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715), limited Commercially Available System Software support, and the fact that, “based on customer inputs, most of these products are implemented as ‘closed systems’ and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.”
At the same time, the company has completed the release of microcode updates for all the microprocessors they launched in the last 9 or so years and which required Meltdown and Spectre patches.
New releases
Merely a day after, Intel has announced new processors designed for mobile workstations and gaming and content creation laptops.
In the announcement of the former, the company mentions some security enhancements, but in both announcements there is no mention of hardware changes for addressing the vulnerabilities allowing Meltdown and Spectre (variant 2) attacks.
Intel CEO Brian Krzanich said in March that the company has redesigned parts of the processor to introduce new levels of protection to protect against those attacks, and that these changes will begin with their “next-generation Intel Xeon Scalable processors (code-named Cascade Lake) as well as 8th Generation Intel Core processors expected to ship in the second half of 2018.”
In the meantime, Bloomberg has reported that Apple plans to replace Intel processors in Mac computers with its own chips from 2020 onwards, though the move does not seem to be motivated by the revelations of the Spectre/Meltdown issues.