Intel to Release Firmware to Combat Spectre
At least they are addressing it! Kudos to them!
ZDNet – By: Liam Tung – “Customers running machines with newer Intel chips can expect to receive stable firmware updates for the Spectre CPU attack Variant 2 soon.
Intel says it has given PC makers a new set of microcode updates that mitigate the branch target injection Spectre attack on its 6th, 7th, and 8th generation Intel Core chips.
It also has new updates for its latest Core X-Series and Intel Xeon Scalable and Xeon D processors for datacenters.
‘We have now released production microcode updates to our OEM customers and partners for Kaby Lake- and Coffee Lake-based platforms, plus additional Skylake-based platforms,’ Intel vice president Navin Shenoy said on Tuesday.
The updates signal that Intel is making progress on reissuing stable microcode mitigations for the Spectre attack revealed by Google on January 3.
Intel on January 22 said it had identified the root cause of unexpected reboots on updated Broadwell and Haswell chips and advised PC makers to stop deploying its mitigations for the Variant 2 attack.
It initially said the reboots were only occurring on Broadwell and Haswell processors but later admitted its patch was also causing stability issues on Skylake and Kaby Lake chips.
Dell, HP, and Lenovo paused their respective BIOS updates while Intel worked on stable fixes. Microsoft also released an out-of-band patch to disable Intel’s fix on systems it had been installed on.
Earlier this month Intel released new microcode for several Skylake chips but didn’t disclose the status of Broadwell and Haswell chips.
It now has updated its guidance with the current status of microcode updates for various generations of chips, which now indicates that fixes for Broadwell, Haswell, Sandy Bridge and some Ivy Bridge chips have reached beta. It also has production updates available for Apollo Lake and Cherry View and Bay Trail chips.
The chip giant last week revealed it is facing 32 class action lawsuits over the Meltdown and Spectre vulnerabilities, and additional lawsuits over alleged insider trading.
Intel last week published a new whitepaper explaining how Google’s software-based fix for Variant 2 called Retpoline works. The search company found Retpoline doesn’t cause the performance overhead that Intel’s earlier mitigations did.
‘There are a number of possible mitigation techniques for the branch target injection Spectre variant 2 exploit. The Retpoline mitigation technique presented in this document is resistant to exploitation and has attractive performance properties compared to other mitigations,’ Intel notes in the paper.”