Intel has issued updated microcode to help safeguard its Broadwell and Haswell chips from the Spectre Variant 2 security exploits.
According to Intel documents, an array of its older processors, including the Broadwell Xeon E3, Broadwell U/Y, Haswell H,S and Haswell Xeon E3 platforms, have now been fixed and are available to hardware partners.
The company’s new microcode updates come a week after Intel also issued updates for its newer chip platforms like Kaby Lake, Coffee Lake and Skylake.
The Spectre and Meltdown defects, which account for three variants of a side-channel analysis security issue in server and desktop processors, could potentially allow hackers to access users’ protected data. Meltdown breaks down the mechanism keeping applications from accessing arbitrary system memory, while Spectre tricks other applications into accessing arbitrary locations in their memory.
The security flaws were first disclosed by Google Project Zero in early January and impact an array of processors on the market, including those from Intel, ARM and AMD. Intel, for its part, initially released patches addressing the Spectre and Meltdown vulnerabilities in January, but later recalled its patches for the Variant 2 flaw – both on the client compute and data center sides – after acknowledging that they caused “higher than expected reboots and other unpredictable system behavior.”
At the time, EVP and general manager of Intel’s data center group Navin Shenoy said that early releases of the firmware were causing an uptick in reboots on updated systems with Broadwell and Haswell chips, and that the chip company was working on new fixes.
“As part of this, we have determined that similar behavior occurs on other products in some configurations, including Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms,” said Shenoy in the post. “We have reproduced these issues internally and are making progress toward identifying the root cause. In parallel, we will be providing beta microcode to vendors for validation by next week.”
According to Intel’s documentation, the Spectre fixes for Sandy Bridge and Ivy Bridge are still in beta and are being tested by hardware partners.