Monday, 21 January, 2019

Intel deploys Spectre mitigations for newer processors to OEMS and partners

New Spectre microcode patches released by Intel to fix security flaws in Skylake Kaby Lake and Coffee Lake CPUs Intel's latest patches should banish Spectre security flaw fears
Theresa Hayes | 22 February, 2018, 04:47

This week, the company has expanded the microcode updates to cover Skylake-X and Skylake-SP processors architectures including Core-X, Xeon Scalable and Xeon D. Previously released patches - which were released to OEMs, adapted for hundreds of motherboards, and released as BIOS updates - were buggy, causing system instability.

While Intel continues to work on software mitigations for the vulnerabilities, the company has acknowledged that it will take a hardware fix to fully solve the issue for its processors, which is expected to be available toward the end of 2018.

It's been nearly a month since Intel yanked some of its earliest patches for the Spectre vulnerabilities because of system instability and unexpected reboots.

Intel says it has given PC makers a new set of microcode updates that mitigate the branch target injection Spectre attack on its 6th, 7th, and 8th generation Intel Core chips.

"This update includes new firmware for Surface UEFI which resolves potential security vulnerabilities, including Microsoft security advisory 180002".

That hasn't always been the case since Spectre and Meltdown erupted onto the scene. After working to fix those issues, Intel started releasing new patches nearly two weeks ago, when new code for Skylake-based PCs was released. "The Retpoline mitigation technique presented in this document is resistant to exploitation and has attractive performance properties compared to other mitigations", Intel notes in the paper.

Intel and AMD may need to revisit their microcode fixes for Meltdown and Spectre. The fix was caused some machines to randomly reboot, putting data and computer health at risk. Initially, only Broadwell and Haswell systems were confirmed to be affected, but further examination determined that Skylake, Kaby Lake, and Coffee Lake systems were rebooting, too.