Intel Security

Intel’s Microcode Revision Guidance for April 2018: 9 architectures won’t getting updates

Intel seems to change its mind, the latest Microcode Revision Guidance for April 2018 removed 9 architectures from the support list. In Intel’s announcement, the company mentions some security enhancements.

Intel Microcode Revision Guidance April 2018

Removed and unsupported

“After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons,” Intel noted.

According to the new guidance, the following platforms aren’t supported anymore.

This slideshow requires JavaScript.

  • Bloomfield – Core (Extreme Edition) i7-9xx, Xeon W35xx
  • Clarksfield – Core Extreme i7-920XM, 940XM, Core i7-7x0QM, i7-8x0QM
  • Gulftown – Core Extreme Edition i7-9x0X, Core i7-9×0,
  • Harpertown (Xeon C0/E0) – Xeon L54xx, Xeon E54xx, Xeon X54xx
  • Jasper Forest – Celeron P1053, Xeon EC3528, EC3529, EC5509, EC5539, EC5549, LC3518, LC3528, LC5518, LC5528
  • Penryn – Core 2 Extreme X9xxx, Core 2 Quad Q9000/Q9100, Core 2 Duo, Core 2 Solo, Pentium T4200, T4300, T4400, T4500, Celeron 900, 925, SU2300, T3100, T3300, T3500, ULV 763, Celeron M ULV 722, ULV 723, ULV 743
  • SoFIA 3GR – Atom x3-x3-C32x0RK
  • Wolfdale C0, E0, M0, R0 – Core 2 Duo, Pentium E5xxx, E6xxx, Celeron E3xxx, Xeon E3110, E5205, E5220, L5240, X5260, X5272, E3120, L3110, L5215, X5270
  • Yorkfield – Intel Core 2 Extreme QX9xxx, Intel Core 2 Quad Q8xxx, Q9xxx, Xeon L3360, X3320, X3330, X3350, X3360, X3370, X3380

Why does Intel decided to drop the support?

  • Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)
  • Limited Commercially Available System Software support
  • Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities

Intel official names several reasons why they stop supporting these 9 mentioned architectures, one argument is that the platform support is difficult another reason is the software support, which means customers won’t receive the update because their product reached already end of life. The last argument is that several customers said that those affected systems aren’t affected because no one has access to it.

The work is official finished

This new announcement means that the work on the microcodes are finished. OEM#s now get the time to roll out new BIOS updates with the latest updates in order to provide support against Meltdown & Spectre.

Microsoft itself provides updates for Windows 1607 up to 1803,  but only currently for Skylake, Kaby Lake and Coffee Lake platforms.

Apple replaces Intel processors

Bloomberg btw has reported that Apple plans to replace Intel processors in Mac computers with its own chips from 2020 onwards, though the move does not seem to be motivated by the revelations of the Spectre/Meltdown issues.

My Comment

These are the official ‘reasons’ which sound like a fucking joke to me, I dunno what Intel smoke but don’t fucking lie and say ‘platform’ makes it difficult to integrate some security mechanism, the worst shit I’ve ever heard from Intel. The real reason seems to be that Intel just doesn’t want it because they don’t get money with ‘support’ like this and they never had any real interest in fixing this issue on a serious ground, instead they advertise new products that are secure against the hole in order that some fools by even more Intel products (in the name of ‘security’).

I remember that Intel first said there will be updates for all platforms back to the year 2007, now they change their mind and let their customers hanging. Will I ever by Intel again? Nope! popeanim