Video: Meltdown-Spectre attack variants discovered
Customers running machines with newer Intel chips can expect to receive stable firmware updates for the Spectre CPU attack Variant 2 soon.
Intel says it has given PC makers a new set of microcode updates that mitigate the branch target injection Spectre attack on its 6th, 7th, and 8th generation Intel Core chips.
It also has new updates for its latest Core X-Series and Intel Xeon Scalable and Xeon D processors for datacenters.
"We have now released production microcode updates to our OEM customers and partners for Kaby Lake- and Coffee Lake-based platforms, plus additional Skylake-based platforms," Intel vice president Navin Shenoy said on Tuesday.
The updates signal that Intel is making progress on reissuing stable microcode mitigations for the Spectre attack revealed by Google on January 3.
Intel on January 22 said it had identified the root cause of unexpected reboots on updated Broadwell and Haswell chips and advised PC makers to stop deploying its mitigations for the Variant 2 attack.
It initially said the reboots were only occurring on Broadwell and Haswell processors but later admitted its patch was also causing stability issues on Skylake and Kaby Lake chips.
Earlier this month Intel released new microcode for several Skylake chips but didn't disclose the status of Broadwell and Haswell chips.
It now has updated its guidance with the current status of microcode updates for various generations of chips, which now indicates that fixes for Broadwell, Haswell, Sandy Bridge and some Ivy Bridge chips have reached beta. It also has production updates available for Apollo Lake and Cherry View and Bay Trail chips.
The chip giant last week revealed it is facing 32 class action lawsuits over the Meltdown and Spectre vulnerabilities, and additional lawsuits over alleged insider trading.
Intel last week published a new whitepaper explaining how Google's software-based fix for Variant 2 called Retpoline works. The search company found Retpoline doesn't cause the performance overhead that Intel's earlier mitigations did.
"There are a number of possible mitigation techniques for the branch target injection Spectre variant 2 exploit. The Retpoline mitigation technique presented in this document is resistant to exploitation and has attractive performance properties compared to other mitigations," Intel notes in the paper.
Previous and related coverage
Intel faces 32 class action lawsuits over its processor flaws and says more may be in the pipeline.
Intel and AMD may need to revisit their microcode fixes for Meltdown and Spectre.
The performance impact of Meltdown patches makes it essential to move systems to Linux 4.14.
And offers patching tips from US CERT, which it failed to brief on the bugs.
Malware makers are experimenting with malware that exploits the Spectre and Meltdown CPU bugs.
The out-of-band update disabled Intel's mitigation for the Spectre Variant 2 attack, which Microsoft says can cause data loss on top of unexpected reboots.
Great work on patching your own products, but why were smaller tech companies kept in the dark?
Dell and HP have pulled Intel's firmware patches for the Spectre attack.
AMD PCs can now install Microsoft's Windows update with fixes for Meltdown and Spectre and the bug that caused boot problems.
Intel's firmware fix for Spectre is also causing higher reboots on Kaby Lake and Skylake CPUs.
Roughly a week after the update was released, many machines still lack the fix for the critical CPU vulnerabilities.
Our devices may never truly be secure, says the CEO of the company that designs the heart of most mobile chips.