The chips are down —

Intel releases new Spectre microcode update for Skylake; other chips remain in beta

Previous microcode update was reported to cause unwanted system reboots.

Intel Skylake Core i7-6700K.
Enlarge / Intel Skylake Core i7-6700K.

After recommending customers not use its microcode fix for Broadwell and Haswell chips, Intel has issued a new microcode update for Skylake processors that gives operating systems the ability to protect against the Spectre flaw revealed earlier this year.

The Spectre attacks work by persuading a processor's branch predictor to make a specific bad prediction. This bad prediction can then be used to infer the value of data stored in memory, which, in turn, gives an attacker information that they shouldn't otherwise have. The microcode update is designed to give operating systems greater control over the branch predictor, enabling them to prevent one process from influencing the predictions made in another process.

Intel's first microcode update, developed late last year, was included in system firmware updates for machines with Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors. But users subsequently discovered that the update was causing systems to crash and reboot. Initially, only Broadwell and Haswell systems were confirmed to be affected, but further examination determined that Skylake, Kaby Lake, and Coffee Lake systems were rebooting, too.

In response, consumers were advised not to use the new microcode, and operating system features that leveraged the new capabilities were disabled.

The new microcode is being distributed to hardware companies so that they can include it in a new range of firmware updates. This latest update is only for mobile Skylake and mainstream desktop Skylake chips. It neither fixes the Broadwell or Haswell problems, nor does it apply to Kaby Lake, Skylake X, Skylake SP, or Coffee Lake processors. Intel says that beta testing of other microcodes for these processors is ongoing. As such, laptop and desktop owners of Skylake systems should see firmware updates arriving soon. Everyone else, however, still has to wait.

Channel Ars Technica