Intel Issues Stable Spectre Microcode Update For Skylake, Kaby Lake And Coffee Lake Processors

Intel continues to plug along with microcode updates for its vast stable of processors. Two weeks ago, the company released revised microcode updates with Spectre mitigations that were limited to mainstream Skylake mobile and desktop platforms. This week, the company has expanded the microcode updates to cover Skylake-X and Skylake-SP processors architectures including Core-X, Xeon Scalable and Xeon D.

In addition, the new microcode release covers Kaby Lake and Coffee Lake processors that were previously left out. Intel was forced to pull its original microcode updates after it was found that some systems were randomly rebooting. That is definitely not something that consumers will tolerate and can be especially troubling in mission-critical enterprise installations.

The new Skylake/Kaby Lake/Coffee Lake microcode updates have been distributed to Intel's OEM partners, who will then distribute them via BIOS updates for customers. Intel is encouraging users to update their systems as soon as BIOS updates are available to protect themselves from Spectre attacks, which are currently advancing past the proof-of-concept stage.

meltdown spectre

Companies like Dell, Hewlett-Packard and Lenovo pulled their BIOS updates once Intel identified the root cause of the rebooting issues. Expect to soon see these same manufacturers issuing new BIOS updates to customers over the coming days and weeks.

"This effort has included extensive testing by customers and industry partners to ensure the updated versions are ready for production," said Navin Shenoy, Intel's Executive VP and GM for the Data Center Group. "On behalf of all of Intel, I thank each and every one of our customers and partners for their hard work and partnership throughout this process."

As for Intel, the company is currently facing nearly three dozen lawsuits [PDF] regarding its handling of the Meltdown and Spectre processor vulnerabilities. The company is also promoting software-based mitigations for Spectre Variant 2 that were developed by Google.

"We are mindful of the fact that, in some cases, there are multiple mitigation techniques available that may provide protection against these exploits," added Shenoy. "This includes 'Retpoline,' a Google-developed mitigation technique for Variant 2."

You can see Intel's white paper on Reptoline here [PDF], and check out our initial coverage of both the Spectre and Meltdown chip vulnerabilities.