Intel has warned that it almost certainly won't be able to provide a fix for the second variant of the Spectre flaw for all but the latest of its desktop, laptop and server CPUs.
It affects more than 230 models of Intel's microprocessors, but the company has warned that completely eradicating the vulnerability from older CPUs might not be possible.
In new microcode revision guidance released by the chipmaker, Intel added a "stopped" status to its microcode updates relating to the Meltdown and Spectre flaws, which would suggest that it won't be issuing patches to fully mitigate the vulnerabilities affecting a large number of its microprocessors.
The revisions to fix the Spectre variant 2 flaw in chips from the Bloomfield Xeon, Clarksfield, Gulftown, and Yorkfield families of chips, to name just a few, are marked as stopped due to several reasons.
"After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons including, but not limited to the following:
- Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715);
- Limited Commercially Available System Software support.
"Based on customer inputs, most of these products are implemented as "closed systems" and therefore are expected to have a lower likelihood of exposure to these vulnerabilities," explained Intel.
However, there are microcodes updates that do protect against the first variation of Spectre and the more serious Meltdown flaw. And it's also worth noting that the chips with the stopped updates are fairly old in processors years, with the most recent going on sale in 2011.
More recent chips have patches in place or in production which should help keep them safe from the flaws. However, the situation is an indication of just how deep the Meltdown and Spectre flaws run, although there's yet to be any reports of them being exploited in the wild.
Computing has contacted Intel for more comment on its patching plans and situation, but the chipmaker has yet to reply.
Intel's latest Coffee Lake processors, now in laptop form, are said to be immune to the flaws, so they're worth keeping an eye out for.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff