Ever since bugs like Spectre and Meltdown became public knowledge, Intel has been working to craft updated microcode that would close the loopholes and secure its processors. Progress on this front has been relatively slow and, in some cases, downright confusing. Several updates have been yanked as a result of reboot issues and it hasn’t always been clear how effectively Microsoft and Intel were at coordinating their work. Now, Intel is telling the press that Skylake patches are now available, with other fixes still in beta.
To briefly recap: Meltdown and Spectre are the terms used to refer to three separate bugs and flaws. Meltdown (aka Variant 3) is a flaw unique to Intel in the desktop x86 world. ARM has some very limited exposure to Meltdown, and Apple’s custom cores that use the ARM architecture are also affected.
Spectre (Variants 1 & 2) are common across a wider range of microprocessors. Variant 1 also impacts AMD CPUs, but doesn’t seem to be implicated in performance concerns. AMD doesn’t believe Variant 2 poses a threats to its CPUs, but continues to work on deploying solutions anyway. Intel is susceptible to Variant 1 and Variant 2, and it’s V2 that’s caused the company problems. The microcode patches released today for Skylake are Variant 2 patches, as shown below:
It’s not entirely clear why we’re seeing fixes rolling out for Skylake alone, when Kaby Lake is such a small update to Skylake as far as core (or Core) architecture is concerned. This is also true for Coffee Lake, but Coffee Lake also adds additional CPU cores, whereas Skylake and Kaby Lake are identical on those features as well. Still, Intel is making progress towards fielding solutions. The company writes:
Earlier this week, we released production microcode updates for several Skylake-based platforms to our OEM customers and industry partners, and we expect to do the same for more plat forms in the coming days. We also continue to release beta microcode updates so that customers and partners have the opportunity to conduct extensive testing before we move them into production.
Intel has previously stated that its upcoming 10nm processors will have mitigation fixes baked in-silicon. It is not clear if Intel will be providing a bug fix for Variant 2 for Ivy Bridge and Sandy Bridge systems. We’ve heard rumors that the performance impact for these fixes on older systems can be significant, but no solution has been formally provided (even briefly). As always, we’ll keep you update as solutions roll out.
AMD Discloses a Spectre-Like Vulnerability in Zen 3 CPUs
AMD has disclosed a potential security vulnerability on its Zen 3 CPUs with similarities to the Spectre attack from several years ago, but the company believes the risk is minimal.
Intel, Researchers Debate Whether New Spectre-Type Vulnerabilities Exist
Researchers are claiming to have found a new type of Spectre attack that bypasses all existing protections, but that framing isn't well supported.
Should Spectre, Meltdown Be the Death Knell for the x86 Standard?
Spectre and Meltdown are serious CPU flaws, but do they warrant throwing out the entire closed-source CPU model?
Microsoft Pulls Spectre, Meltdown Patches for Older AMD Systems
Microsoft has halted the distribution of patches for Spectre, Meltdown on some AMD systems due to problems with BSODs and bricked systems.