Intel's new Spectre fix: Skylake, Kaby Lake, Coffee Lake chips get stable microcode

Intel makes progress on reissuing stable microcode updates against the Spectre attack.
Written by Liam Tung, Contributing Writer

Video: Meltdown-Spectre attack variants discovered

Customers running machines with newer Intel chips can expect to receive stable firmware updates for the Spectre CPU attack Variant 2 soon.

Intel says it has given PC makers a new set of microcode updates that mitigate the branch target injection Spectre attack on its 6th, 7th, and 8th generation Intel Core chips.

It also has new updates for its latest Core X-Series and Intel Xeon Scalable and Xeon D processors for datacenters.

"We have now released production microcode updates to our OEM customers and partners for Kaby Lake- and Coffee Lake-based platforms, plus additional Skylake-based platforms," Intel vice president Navin Shenoy said on Tuesday.

The updates signal that Intel is making progress on reissuing stable microcode mitigations for the Spectre attack revealed by Google on January 3.

Intel on January 22 said it had identified the root cause of unexpected reboots on updated Broadwell and Haswell chips and advised PC makers to stop deploying its mitigations for the Variant 2 attack.

It initially said the reboots were only occurring on Broadwell and Haswell processors but later admitted its patch was also causing stability issues on Skylake and Kaby Lake chips.

Dell, HP, and Lenovo paused their respective BIOS updates while Intel worked on stable fixes. Microsoft also released an out-of-band patch to disable Intel's fix on systems it had been installed on.

Earlier this month Intel released new microcode for several Skylake chips but didn't disclose the status of Broadwell and Haswell chips.

It now has updated its guidance with the current status of microcode updates for various generations of chips, which now indicates that fixes for Broadwell, Haswell, Sandy Bridge and some Ivy Bridge chips have reached beta. It also has production updates available for Apollo Lake and Cherry View and Bay Trail chips.

The chip giant last week revealed it is facing 32 class action lawsuits over the Meltdown and Spectre vulnerabilities, and additional lawsuits over alleged insider trading.

Intel last week published a new whitepaper explaining how Google's software-based fix for Variant 2 called Retpoline works. The search company found Retpoline doesn't cause the performance overhead that Intel's earlier mitigations did.

"There are a number of possible mitigation techniques for the branch target injection Spectre variant 2 exploit. The Retpoline mitigation technique presented in this document is resistant to exploitation and has attractive performance properties compared to other mitigations," Intel notes in the paper.

Previous and related coverage

Meltdown-Spectre: Now the class action suits against Intel are starting to mount up

Intel faces 32 class action lawsuits over its processor flaws and says more may be in the pipeline.

Meltdown-Spectre flaws: We've found new attack variants, say researchers

Intel and AMD may need to revisit their microcode fixes for Meltdown and Spectre.

Linux Meltdown patch: 'Up to 800 percent CPU overhead', Netflix tests show

The performance impact of Meltdown patches makes it essential to move systems to Linux 4.14.

Spectre reboot problems: Now Intel replaces its buggy fix for Skylake PCs

And offers patching tips from US CERT, which it failed to brief on the bugs.

Meltdown-Spectre: Malware is already being tested by attackers

Malware makers are experimenting with malware that exploits the Spectre and Meltdown CPU bugs.

Windows emergency patch: Microsoft's new update kills off Intel's Spectre fix

The out-of-band update disabled Intel's mitigation for the Spectre Variant 2 attack, which Microsoft says can cause data loss on top of unexpected reboots.

Meltdown-Spectre: Why were flaws kept secret from industry, demand lawmakers

Great work on patching your own products, but why were smaller tech companies kept in the dark?

Spectre flaw: Dell and HP pull Intel's buggy patch, new BIOS updates coming

Dell and HP have pulled Intel's firmware patches for the Spectre attack.

Windows 10 Meltdown-Spectre patch: New updates bring fix for unbootable AMD PCs

AMD PCs can now install Microsoft's Windows update with fixes for Meltdown and Spectre and the bug that caused boot problems.

Meltdown-Spectre: Intel says newer chips also hit by unwanted reboots after patch

Intel's firmware fix for Spectre is also causing higher reboots on Kaby Lake and Skylake CPUs.

26% of organizations haven't yet received Windows Meltdown and Spectre patchesTech Republic

Roughly a week after the update was released, many machines still lack the fix for the critical CPU vulnerabilities.

Bad news: A Spectre-like flaw will probably happen againCNET

Our devices may never truly be secure, says the CEO of the company that designs the heart of most mobile chips.

Editorial standards