Published in News

Intel gives up trying to fix older chips

by on05 April 2018


Spectre has won Mr. Bond just upgrade already

Chipzilla has looked at its options and decided that it can't be bothered trying to fix some of its older processors to address the "Spectre variant 2" attack.

Users of Core 2 processors are no longer scheduled to receive updates, and, while some first generation Core products have microcode updates available already, others have had their update cancelled.

Over the last few months, Intel has been delivering microcode updates to provide firmware fixes. The microcode updates give operating systems greater control over the branch prediction and speculative execution capabilities of the processor, protecting against Spectre version 2.  However the chips take a performance hit.

Chipzilla had said that it was developing microcode fixes for processors as old as the 45nm Core 2 chips (built on the Penryn architecture) and the first-generation Core processors (built using the Westmere and Nehalem architectures). However, the company's latest update on the status of its microcode revisions indicates that it has dropped some of these plans.

ESET security awareness specialist Ondrej Kubovic said that Intel's approach is not new as end-of-support for legacy systems is a standard procedure usually triggered by the development of new and more advanced hardware and software, or changes in the way people interact with their devices. What was interesting about this case is that it might be the first time when major bugs - such as Meltdown and Spectre – were the main accelerator for this process.

"Non-patching of the mentioned vulnerabilities should affect mostly CPUs that were manufactured more than five years ago. We can only hope this will give Intel more space to concentrate on patching of the still widely-used systems and only isolated and sparsely used systems will be left out of the patching loop."

He said that the flaws enable attackers to harvest information, not to modify them. Therefore if the system contains no personal or sensitive data, or is used for other purposes but not for browsing, it should be relatively secure.

"Also users can improve their security by applying Meltdown and Spectre patches issued by OS, browser and other software developers. Of course, the safest thing to do is to replace the vulnerable hardware for newer non-vulnerable components. In case HW replacement or patching is not possible, users can also airgap their system to stay out of attacker’s reach”, Kubovic said.

 

 

Last modified on 05 April 2018
Rate this item
(0 votes)

Read more about: