Microcode updates refer to software patches or updates that are specifically designed for the microprocessor within a computer. These updates aim to make improvements or fix issues in the microprocessor's instructions, allowing it to perform tasks more efficiently and accurately.
Full definition
We've now completed release of
microcode updates for Intel microprocessor products launched in the last 9 + years that required protection against the side - channel vulnerabilities discovered by Google.
«We have now
released microcode updates for 100 percent of Intel products launched in the past five years that require protection against the side - channel method vulnerabilities discovered by Google,» Intel CEO Brian Krzanich announced in a Thursday blog post.
In addition, Microsoft announced that it's making available
Intel microcode updates for the Windows 10 Fall Creators Update, version 1709.
«We've now completed release
of microcode updates for Intel microprocessor products launched in the last 9 + years that required protection against the side - channel vulnerabilities discovered by Google,» said an Intel spokesman.
While the Windows update fixed the Meltdown problem, CPU
microcode updates from Intel delivered via a UEFI or BIOS update are needed to fully enable protection against one of the Spectre attacks.
The original Windows patch protected against the Meltdown attack, but required a
CPU microcode update from Intel to fully protect against Spectre.
«Earlier this week, we released
production microcode updates for several Skylake - based platforms to our OEM customers and industry partners, and we expect to do the same for more platforms in the coming days,» Intel vice president Navin Shenoy wrote.
All of the fixes have OS kernel components, and some of the fixes are combined with processor
microcode updates in addition to kernel updates.
«We also continue to release beta
microcode updates so that customers and partners have the opportunity to conduct extensive testing before we move them into production.»
Intel has officially pushed out
microcode updates with Spectre and Meltdown mitigations for all of the processors it launched in the past...
We also continue to release
beta microcode updates so that customers and partners have the opportunity to conduct extensive testing before we move them into production,» Navin Shenoy, executive vice president and general manager of the Data Center Group at Intel Corporation, explained.
Intel hinted in a previous
microcode update guidance that some older chip architectures going back about a decade, such as Penryn, Yorksfield, and Wolfdale, would receive updates to address the Spectre vulnerability.
But, after Intel and AMD have released those
processor microcode updates, manufacturers will still need to package them up and distribute them to you.
However,
since microcode updates can be reverted, developers relying on SGX in the cloud would need to verify the CPU security version number during remote attestation.
Of course, Intel is already pushing out Spectre (and Meltdown) patches itself, with numerous processor families
seeing microcode updates released in the past few weeks; but Intel doesn't supply these directly to end users.
Intel has halted patches for an array of older chips that would protect them againstthe Spectre vulnerability, according to a
recent microcode update.
Microsoft said today that it would take Intel CPU
microcode updates meant to fix the Spectre v2 vulnerability and ship these updates to users via a Windows update package.
A number of Coffee Lake chips — including the Coffee Lake H - and S - series parts — have also been patched, Intel's
microcode update document indicates.
Additional versions of Windows 10 are now protected from these attacks, and Microsoft has begun releasing Intel
microcode updates directly, but only for a small number of devices.
The expanded set of Intel
microcode updates covers a broad set of the latest generation Intel platforms including Skylake, Kaby Lake, and Coffee Lake devices, and is available for Windows 10 version 1709.
Intel has
prepared microcode updates for OEMs like HP and Dell that don't trigger the reboots, but also don't contain its patch for Variant 2, while leaving in place mitigations for Meltdown Variant 3 and Spectre Variant 1.
Intel has also updated its original Meltdown - Spectre advisory with a new warning about the stability issues and recommends OEMs and cloud providers test its beta
silicon microcode updates before final release.
(Microsoft has stepped in to
provide microcode updates, assisting smaller vendors who wouldn't or couldn't provide timely patches.)
Variation 2 (Branch Target Injection or Spectre), which is harder to exploit, is being addressed through
optional microcode updates for Ryzen and EPYC processors starting this week.
By January 22 it urged hardware makers and customers to stop deploying its
first microcode updates for all chip families affected by the flaws.
Following last week's release of
reworked microcode updates for Skylake, Kaby Lake, and Coffee Lake chips, Intel has released corresponding updates for its older Broadwell and Haswell chips.
The stability issues caused by Intel's
microcode updates resulted in Lenovo, HP, and Dell halting their deployment of BIOS updates last month as Intel worked to resolve the problems.
Intel's chief executive also reminded us that the company has now released
revamped microcode updates for 100 % of its products launched in the last five years (i.e. going back to and including Haswell, as we saw a couple of weeks back).
Intel has also struggled to prepare and
issue microcode updates since it was first informed of the flaws by Google researchers on June 1, 2017.
Intel has announced the release of
production microcode updates to its manufacturing customers and partners for Kaby Lake and Coffee Lake - based platforms, as well as additional Skylake - based platforms.
The chip giant claimed it won't be patching the second Spectre variant (CVE -2017-5715) for Core 2 processors and any first - generation products that haven't already
received microcode updates.
Although most devices will receive this class of updates via firmware provided by the device manufacturer, Microsoft says it will offer
additional microcode updates from Intel through that KB article «as they become available to Microsoft.»
As of February 20, Intel has released
stable microcode updates for Skylake, Kaby Lake, and Coffee Lake — that's the 6th, 7th, and 8th Generation Intel Core platforms.
Get ready for new updates to guard against Spectre Intel's
fixed microcode updates to mitigate the Spectre attack have now reached Sandy Bridge and Ivy Bridge chips.
In a separate but related release, Microsoft announced it is significantly expanding the number of Intel -
validated microcode updates it's making available through the Microsoft Catalog site.
Chips with production fixes in Intel's
microcode update guidance document have been validated by Intel and approved for use in a production environment.