Intel halts microcode patch development for 230+ CPUs

by Mark Tyson on 4 April 2018, 11:11

Tags: Intel (NASDAQ:INTC)

Quick Link: HEXUS.net/qadsev

Add to My Vault: x

Intel quietly updated its microcode update guidance (PDF) on 2nd April. The last time we checked this document, back in mid-March, it was good news and Intel simultaneously revealed via a blog post that it had updated the microcode for all of the products it had launched in the past five years. The latest update to the PDF isn't very good news, as if you check through the document you will see that many processors/chipsets have been shifted to a new production status labelled 'stopped'.

An example of the range of new 'stopped' production status notices is given above. You can see clearly that Intel has put a halt to producing microcode updates for its entire Wolfdale line. (I used to run one of these CPUs) These 45nm processors were first released as far back as Q1 2008.

In all, as The Register reports, there are over 230 processors that have had their production status 'stopped'. In its inimitable way the Reg says that the 10 product families will be neglected by Intel fixers and patchers "in some cases because it's too tricky to remove the Spectre v2 class of vulnerabilities". As well as Wolfdale processors, you will find that Spectre and Meltdown patch development statuses for Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0 and E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale Xeon, Yorkfield, and Yorkfield Xeon families have all been shunted to 'stopped'.

The official microcode update guidance document includes some explanation for the 'stopped' status just behind the cover page. It says that "after a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons". The reasons, three of them in total, are reproduced below:

  • Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)
  • Limited Commercially Available System Software support
  • Based on customer inputs, most of these products are implemented as 'closed systems' and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.

We don't know which respective processor families are impacted by which of the above bullet points.

Some good news

Elsewhere in the document there is good news for users of processors in the Arrandale, Clarkdale, Lynnfield, Nehalem, and Westmere families. Intel now has working fixes for these in production, according to the status table. "We've now completed release of microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discovered by Google Project Zero," an Intel spokesperson told The Reg in a supplementary emailed statement.



HEXUS Forums :: 25 Comments

Login with Forum Account

Don't have an account? Register today!
Intel at its best.

“Oh, these are old so we do not even care… Keep on buying the newer ones and you'll be completely protected… Maybe…”

As Brian Fantana put it: “They have done studies you know? 60% of the time it works every time”.
Those are some pretty old CPUs, there aren't going to be many still running in systems that are relevant to attack with Spectre/Meltdown. Given that they are already so old how many of the remaining users are going to want the slowdown effect of the fixes, even assuming the fix can be applied.
I'm upgrading in a fortnight to a 1700x from 3570k, I was waiting for Icelake with 8c/16t but Intel not fixing old mistakes fast makes me want to say screw them with bad TIM and support, maybe I'll go back to Intel in the future.
As per usual though, it's nice that Intel has gone back over CPUs that are 9 years + old but the issue is the mobo manufactures. How many of these microcode patches are actually going to make it to bios updates for older platforms?

Intel has fixed the microcode for my CPUs but there is zero intention from ASUS to release a BIOS update with it in for my Z9 series motherboard. The series is not even marked as a TBD on their list.
Wolfdale Xeon, Yorkfield? who here is still using these? and do not bother telling me lots of people or companies are in their servers, I am aware, I dont need education. all i am asking is for honesty, because i am curious, who here is still using 10 year old hardware? thanks