Video: Meltdown Specter Attack Variants Detected
Intel plans to patch certain CPU families affected by the Meltdown and Specter bugs, as this is impractical or not widespread.
The chip maker has spent the last few months publishing and re-releasing microcode updates to fix the Specter Variant 2 bug. But while it provides updates for all processors released in the last five years, it has now shown that some older CPUs are not patched at all.
Intel's latest April 2, April 2004, microcode revision policy applies a new "stop" status to multiple CPU product families for which microcode updates have been developed. The product families include chips from Intel's Core, Celeron, Pentium, and Xeon CPUs.
Most chips are older, production starts in 2008, and they are probably less common today than the already patched Kaby Lake. Skylake and Coffee Lake CPUs.
Intel says the development of Specter's Variant 2 protection has been halted for at least three reasons: Impractical, the CPU not fully supported, or customers claiming that the CPUs are running on closed systems.
"After a comprehensive study of microarchitecture and microcode capabilities for these products, Intel has decided not to release microcode updates for these products for one or more reasons, including, but not limited to:
- Microarchitectural Features This includes a convenient Implementing Variant mitigation features 2 CVE-201
- Restricted, commercially available system software support
- Based on customer input, most of these products are implemented as "closed systems" and therefore are expected to have lower probability of failure Exposure to these vulnerabilities. "
CPU families not updated include Bloomfield, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn / QC, SoFIA 3GR, Wolfdale C0 and M0, Wolfdale E0 and R0, Wolfdale Xeon X0, Wolfdale Xeon E0, Yorkf Field and Yorkfield Xeon.
Intel announced in March that upcoming 8th-generation Intel Core processors will have integrated protection for Specter Variant 2 and Meltdown.
Previous and Related Reporting
Windows 7 meltdown patch opens worse Vulnerability: March Install Updates Now  Microsoft's Meltdown fix opens a gaping hole in Windows 7 security, warns researchers.
Are you using HP, Lenovo, or Dell? Prepare for New Updates to Protect You from Specter
Intel's fixed microcode updates to defuse the Specter attack have now reached Sandy Bridge and Ivy Bridge chips.
New Specter Attack Variation Can Break Secrets of Intel's SGX-Enclave Enclaves
Sensitive data protected by Intel's Software Guard Extensions may be open to a new side-channel attack.
Intel's Specter fix for Broadwell and Haswell chips has finally landed
Chips that triggered Intel's recall of Microcode for Specter Variant 2 are now stable
First Intel, now AMD is also facing multiple class actions Specter Attacks Against
Customers accuse the chipmaker of claiming top prices for a faulty product.
Intel is making progress in reissuing stable microcode updates against the Specter attack.
Intel faces 32 class action lawsuits and says others may be in the pipeline.
Meltdown Specter Errors: We Found New Attack Variants, Researchers Say
Intel and AMD may need to rebuild their microcode fixes for Meltdown and Specter.
Linux Meltdown Patch: "Up to 800 Percent CPU Overhead," Show Netflix Tests
The performance impact of meltdown patches makes it necessary to move systems Linux [4.14.]
Specter reboot issues: Now Intel Replaces Its Buggy Fix for Skylake PCs
And offers patch tips from US CERT, which fails to inform about the bugs.
Meltdown Specter: Malware Already Tested by Attackers
Malware vendors experiment with malware that exploits the Specter and Meltdown CPU errors.
Windows Emergency Patch: Microsoft's New Update Kills Intel's Specter-Fix
The Out-of-Band Update Hampered Intel's Mitigation • The Specter Variant 2 attack, which Microsoft says he has in addition to unexpected reboots can cause data loss.
Meltdown Specter: Why Mistakes Were Concealed to the Industry, Lawmakers Require
Do a good job patching your own products, but why have smaller technology companies been left in the dark?
26% of businesses have not yet received Windows Meltdown and Specter patches Tech Republic
About a week after the update was released, many machines still lack the fix for the critical CPU vulnerabilities.
Bad news: A Specter-like bug is likely to happen again CNET
Our devices may never be really secure, says the company's CEO, who designs the heart of most mobile chips.