Intel has slowly been deploying mitigations for Spectre/Meltdown on recent platforms. In its most recent microcode revision guidance, Intel has indicated it will not deploy any microcode mitigations for the recently disclosed flaws on older processor platforms. Intel cited the following reasons:
“After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons including, but not limited to the following:
- Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)
- Limited Commercially Available System Software support
- Based on customer inputs, most of these products are implemented as ‘closed systems’ and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.”
The following CPU families now list a “stopped” status regarding microcode updates:
- Bloomfield
- Clarksfield
- Gulftown
- Harpertown
- Jasper Forest
- Penryn
- SoFIA
- Wolfdale
- Yorkfield
At this point, it’s no secret that mitigating Spectre/Meltdown has been a trying affair, with both Microsoft and Intel struggling to stabilize previous patches that triggered reboots, crashes, and various performance effects. Given that most of the aforementioned chip families are a decade old, Intel may very well not deem the update worth the effort. Additionally, the microcode updates can only be delivered via BIOS (motherboard OEMs) or OS patch (Microsoft, etc.), and these vendors may or may not be willing to support hardware this old.
- Eric Hamilton