Chris Davies - Apr 4, 2018, 3:38pm CDT
Intel drops older chips from Spectre patch plans

Intel has backtracked on plans to update its older processors to deal with Spectre, admitting that it’s tougher than expected to patch the exploit. The chip-maker has been busy developing hardware and software fixes for Spectre which, along with Meltdown, was found to affect a huge number of processors from Intel and others.

The hardware changes are already underway, though users will obviously need to buy a new CPU if they want to take advantage of them. For those with existing systems, however, there are microcode updates. These act as software patches, closing up the loopholes in the processors’ architecture.

It’s not been entirely smooth sailing on that front, however. Intel did release a set of microcode updates initially, but then was forced to recommend users stop installing them as they led to system instability in some cases. That could manifest as uncontrollable reboots.

Now, it’s dropping some of the chips from its to-do list, because it turns out it’s just too hard. Seven families of chip architecture will now not get Spectre patches. The affected processors date from as early as 2007 to as recently as 2015.

The full list of architectures includes Penryn (2007), Yorkfield (2007), Wolfdale (2007), Bloomfield (2008), Clarksfield (2009), Nehalem-based Jasper Forest (2010), and Intel Atom “SoFIA” (2015). According to Intel’s official justification for the change in plan, it comes down to three key factors:

After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons including, but not limited to the following:
– Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)
– Limited Commercially Available System Software support
– Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.

In a statement provided to Tom’s Hardware, Intel pointed to limited ecosystem support for the updates. In short, the site suggests, it may have run into a wall with Microsoft and motherboard providers, neither of whom is likely to be in too great a hurry to push out updates for PCs more than a decade old. Factor in the likelihood that relatively few of these systems are still in operation, and Intel’s decision to save its efforts seems more reasonable.

