Intel Releases Spectre Patches for Kaby Lake, Coffee Lake

Intel Releases Spectre Patches for Kaby Lake, Coffee Lake

Intel has announced a new set of updates for the Spectre attacks we’ve been talking about for the past six weeks or so. Spectre has two variants (Variant 1 and Variant 2). Meltdown, another critical security flaw, is considered to be Variant 3 and, in the x86 space, affects only Intel CPUs. We’re mostly focused on Spectre today, as patches for Meltdown should already have rolled out for Intel chips.

A month after Intel had to yank certain fixes for causing crashes and reboots, the company is back with stable updates for the Kaby Lake and Coffee Lake CPU families. In a recent blog post, Intel’s Navin Shenoy wrote:

[We] have now released production microcode updates to our OEM customers and partners for Kaby Lake- and Coffee Lake-based platforms, plus additional Skylake-based platforms. This represents our 6th, 7th and 8th Generation Intel Core product lines as well as our latest Intel Core X-series processor family. It also includes our recently announced Intel Xeon Scalable and Intel Xeon D processors for data center systems.

Intel has just released patches for Kaby Lake-H, S, X, and G, Kaby Lake Refresh U, Kaby Lake U, I, and U23E. It also strongly recommends keeping an eye out for UEFI updates, which is probably simpler than going nuts trying to figure out which precise Kaby Lake model you have.

Intel has released a 14-page document to spell out exactly where it is in the production process for each CPU family. There’s too much data to present in image form, but here’s a representative page showing update schedules on some of Intel’s CPUs.

Click to enlarge
Click to enlarge

Looking at this sample, we see that a number of fixes are in beta for the Ivy Bridge family, IVB-X and Jasper Forest are in “pre-beta,” and multiple Kaby Lake CPUs have UEFI updates in production already. A white background means a CPU is either in the “Planning” or “Pre-Beta” phase, a yellow background means the fix has moved to beta testing, and a green background means the fix is in production. As for the yellow background, that appears to mean the fix is new as of this revised guidance.

Overall, we’re glad to see these patches going in. They’re absolutely critical to securing PCs, and Spectre is no joke. At the same time, however, there’s some question as to whether Spectre can ever be considered “solved.” It’s easy to think of these as patches that “fix” Spectre, but the more accurate reading would be that Spectre is a class of vulnerabilities and variants, and that we’ve fixed two of the ways it can attack. White hats are going to be playing whack-a-mole on this for a very long time.

Continue reading

Quake II RTX Now Runs on AMD GPUs Thanks to Vulkan Ray Tracing
Quake II RTX Now Runs on AMD GPUs Thanks to Vulkan Ray Tracing

Nvidia's Quake II RTX now runs on AMD GPUs using Vulkan, if you've got the right driver (and an RX 6000).

Report: Packaging Issues, PS5 Demand May Be Hurting TSMC Production
Report: Packaging Issues, PS5 Demand May Be Hurting TSMC Production

The hardware shortages currently hitting most of the PC market may be caused by a shortage in a necessary component in chip manufacturing, not low yields on TSMC's 7nm node.

Blast More Powerful Than Tunguska May Have Devastated Ancient City
Blast More Powerful Than Tunguska May Have Devastated Ancient City

An ancient metropolis by the Dead Sea was destroyed in an all-consuming firestorm, salting the earth and leaving the site abandoned for hundreds of years. Researchers now believe the assailant was a cosmic airburst bigger than Tunguska, which may explain the Late Bronze Age Gap in the archaeological record.

Photoshop Elements 2022 Reviewed: Plenty of Power in a Friendly Package
Photoshop Elements 2022 Reviewed: Plenty of Power in a Friendly Package

While there has been a flurry of activity in the "entry-level" photo and video editing space, Adobe continues to create an impressive offering under its Elements brand that spans new-users to nearly-professional users.