Intel ships Spectre fix for newer chips

Intel has developed a stable firmware update to address the Spectre flaw for its Skylake, Kaby Lake, and Coffee Lake processors.

Customers running machines with the newer chips can expect to receive the microcode soon; Intel said it had passed on the updates to PC makers for its sixth, seventh, and eighth generation Core processors.

"We have now released production microcode updates to our OEM customers and partners for Kaby Lake and Coffee Lake-based platforms, plus additional Skylake-based platforms," Intel vice president Navin Shenoy said in an update.

The updates address variant 2 - the branch injection vulnerability - of the Spectre chip flaw revealed early this year. 

The company had initially issued firmware updates for machines with its Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors to address the Spectre/Meltdown chip flaws early this year, but was forced to pull the microcode after it caused systems to crash and reboot.

Late last month Intel said it had identified the cause of the issues for its Broadwell and Haswell platforms and was working on a fix, and has since also figured out the problem for Skylake, Kaby Lake, and Coffee Lake systems.

It released new microcode for mainstream Skylake processors earlier this month. The latest firmware updates cover Skylake variants such as Skylake X, D, and SP, as well as Kaby Lake and Coffee Lake.

However, Intel is still yet to issue a fix for its Broadwell and Haswell platforms.

It said microcode updates for Sandy Bridge, Ivy Bridge, Broadwell, and Haswell processors were in beta and being tested by hardware vendors. 

Dell, HP, Lenovo, and Red Hat told customers not to install their BIOS updates until Intel could provide a stable fix.

Microsoft last week released a revised fix for the Meltdown and Spectre flaws in 32-bit versions of Windows 10 as part of its monthly patch bundle.

Google last month developed a fix for the Spectre flaw in Intel processors that avoids the performance degradation issues that resulted from Intel's first set of patches.

Called Retpoline, the approach prevents branch target injection by modifying programs to "ensure that execution cannot be influenced by an attacker". Intel last week said [pdf] Retpoline had "attractive performance properties compared to other mitigations".

Intel is currently facing 32 class actions in the United States over the Meltdown and Spectre flaws.