The company has stopped Spectre mitigation development on the following families of chips:
- Bloomfield
- Clarksfield
- Gulftown
- Harpertown Xeon
- Jasper Forest
- Penryn
- SoFIA 3GR
- Wolfdale
- Yorkfield
A company spokesman had this to say about the recent announcement:
“We’ve now completed the release of microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discovered by Google. However, as indicated in our latest microcode revision guidance, we will not be providing updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback.”
It’s unfortunate, but not entirely unexpected. If you have any older Intel equipment still in service at your company, have your IT group check the processor family. If it’s one of the above, it’s well worth marking those systems high priorities for upgrades, and limiting their use until you can.
Spectre is a devastating flaw, and it’s just not worth the risk to leave exposed systems connected to your network and in service. This is especially true now that it’s official that no help is coming for certain older systems.
Even worse, AMD chips, which are not impacted by Spectre and Meltdown, have since been found to have their own critical security flaws. While not as bad or as pervasive as the two Intel is facing, they will nonetheless require the company to issue its own microcode updates, which they are currently scrambling to do.
The long and the short of it is that there really are no safe harbors anymore.