Intel will not provide microcode updates to fix Spectre and Meltdown vulnerabilities on some of their older processors.
Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0 and E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale, Wolfdale Xeon, Yorkfield, and Yorkfield Xeon families of processors will not receive the updates, according to the last update of the “Microcode Revision Guidance.” The reason Intel is not updating them is most of these CPUs are older products and no longer in production.
“After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons,” the company said in a post.
The reasons include micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715), limited Commercially Available System Software support, and the fact that, “based on customer inputs, most of these products are implemented as ‘closed systems’ and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.”
After a delay, the company completed the release of microcode updates for all the microprocessors they launched in the last nine years and which required Meltdown and Spectre patches.
Intel Chief Executive Brian Krzanich said in March the company redesigned parts of the processor to introduce new levels of protection to protect against those attacks, and that these changes will begin with their “next-generation Intel Xeon Scalable processors (code-named Cascade Lake) as well as 8th Generation Intel Core processors expected to ship in the second half of 2018.”