Intel stops Spectre fix for older CPUs
According to a recent microcode update, older CPUs won't receive any more patches for the Spectre vulnerability. The CPUs that won't received any more updates include Wolfdale, Bloomfield, Clarksfield, Gulftown, Harpertown, Jasper Forest, SoFIA 3GR, and Yorkfield. Some of these reasons, according to Intelss microcode update are that there are limited available system software support, and that based on customer feedback, most of these products are used as "closed systems" and are expected to have a lower exposure to the Spectre vulnerabilities.
The Spectre and Meltdown defects account for three versions of a side-channel analysis security issue in server and desktop processors. These vulnerabilities were identified earlier this year and could potentially allow hackers to access users' protected data. Meltdown breaks down the mechanism keeping applications from accessing arbitrary system memory, while Spectre tricks other applications into accessing arbitrary locations in their memory. Intel has been releasing patches for its chips over the past few months after the vulnerabilities were revealed.
The Spectre and Meltdown security flaws were first disclosed by Google Project Zero in early January and impact an array of processors on the market, including those from Intel, ARM and AMD. Intel has issued several microcode updates to help safeguard its chips from the security flaws. In February, Intel issued patches for both newer chip platforms, like Kaby Lake, Coffee Lake and Skylake, as well as older processors, including Broadwell and Haswell chips. In March, Intel introduced hardware-based protections to its new chips to protect against the Spectre and Meltdown flaws that shook the IT security industry when the vulnerabilities were made public in early 2018. Intel designed a new set of CPU design features that work with the operating system to install "virtual fences" that protect the system from speculative execution attacks that could exploit a variant of the Spectre flaw.