Intel continues to make efforts to patch its systems against the Meltdown and Spectre chip flaws. It in fact indicated last month that it would be issuing fixes as far back as 2005’s Yorkfield processors. But in a new guidance document the company announces that many of these older platforms will not receive fixes after all.
Specifically, work has been stopped on Spectre Variant 2 mitigations for the chip generations known as Bloomfield, Clarksfield, Gulftown, Harpertown, Jasper Forest, Penryn, SoFIA 3GR, Wolfdale and Yorkfield.
Variant 2 is the toughest of the chip flaws to block or work around, so the creation of fixes is nontrivial — Intel isn’t just copying and pasting stuff into a microcode update for each of these.
In the guidance document (PDF), Intel cited several reasons for stopping development on the fixes:
Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2
Limited Commercially Available System Software support
Based on Customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.
In other words: it’s super hard, they’re barely supported and few people are using them where the bugs could be exploited.
It’s a reasonable walkback of the scope of Intel’s mitigation efforts, especially when you look at the size of the list of platforms that are having the problems addressed. Still, system administrators may want to cast an eye over their inventory to make sure no chips of these generations get exposed to the untamed wilds of userland.
And for users, the Penryns (Core 2 Duos in particular) were very popular and I wouldn’t be surprised if a few people were still running an old laptop with one — they were in all kinds of things back in ’08. If you’re one of those sentimental types like me that keeps these things around, you should probably avoid doing anything critical on them.
A statement from Intel sent along to accompany the guidance, read as follows:
We’ve now completed release of microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discovered by Google. However, as indicated in our latest microcode revision guidance, we will not be providing updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback.
more recommended stories
Mail digitizing service Earth Class Mail acquires receipt digitizing service Shoeboxed – TechCrunchEarth Class Mail, a company that.
Taxfix Closes $13 Million in Series A FundingTaxfix, the Berlin-based startup that.
Another attainment for French carpooling platform, BlaBlaCarAnother attainment for French carpooling.
Turn your old Kindle into a clock with this cool hackIf you have a Kindle.
Leave a Comment