Processors
Intel® Processors, Tools, and Utilities
14395 Discussions

Dissatisfied Intel dropping attempts at patching older CPUs for Spectre & Meltdown exploits

MMica
Beginner
2,583 Views

I am displeased that Intel has chosen to discontinue attempts at patching some CPUs for the Spectre and Meltdown exploits due to design flaws in its CPUs. I would have appreciated a patch for my Penryn-based system, which is in daily use, is running the most recent version of Windows 10, and will continue to do so for the foreseeable future.

See, e.g., https://www.theregister.co.uk/2018/04/04/intel_spectre_microcode_updates/ Intel admits a load of its CPUs have Spectre v2 flaw that can't be fixed • The Register

0 Kudos
6 Replies
PKoc
Beginner
590 Views

Exactly! First I had Intel Atom C2000 that died a month after warranty because of design flaw, now my older systems still in use won't get fixed.

Intel's official statement is that they stopped development of the fix because of "customer feedback":

"However, as indicated in our latest microcode revision guidance, we will not be providing updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback."

https://www.theinquirer.net/inquirer/news/3029553/intel-wont-be-patching-the-spectre-v2-flaw-in-its-older-chips-any-time-soon https://www.theinquirer.net/inquirer/news/3029553/intel-wont-be-patching-the-spectre-v2-flaw-in-its-older-chips-any-time

OK, my feedback is I want this fixed. If you do not fix this, my next system will be AMD.

0 Kudos
AlHill
Super User
590 Views

AMD also has problems, perhaps worse.

- http://www.scmagazine.com/amd-processors-riddled-with-critical-flaws-claim-researchers-who-reportedly-fail-to-disclose-responsibly/article/750746/ www.scmagazine.com: AMD processors riddled with critical flaws, claim researchers who reportedly fail to disclose responsibly

- http://www.zdnet.com/article/amd-investigates-chip-flaws-after-zero-day-research/ www.zdnet.com: AMD investigating chip security flaws after less than 24 hours notice

- http://arstechnica.com/information-technology/2018/03/a-raft-of-flaws-in-amd-chips-make-bad-hacks-much-much-worse/ arstechnica.com: A raft of flaws in AMD chips makes bad hacks much, much worse

- http://threatpost.com/hyperbole-swirls-around-amd-processor-security-threat/130481/ threatpost.com: Hyperbole Swirls Around AMD Processor Security Threat

- http://www.bleepingcomputer.com/news/security/researchers-who-found-amd-cpu-flaws-explain-chaotic-disclosure/ www.bleepingcomputer.com: Researchers Who Found AMD CPU Flaws Explain Chaotic Disclosure

- http://motherboard.vice.com/en_us/article/kzpm5x/amd-secure-processor-ryzen-epyc-vulnerabilities-and-backdoors motherboard.vice.com: Researchers Say AMD Processors Have Serious Vulnerabilities and Backdoors

I am not defending one company versus the other, but such rhetoric as "my next system will be AMD" is always a knee-jerk reaction and rather shallow.

Doc

I am not an Intel employee and the above opinions are my own.

0 Kudos
PKoc
Beginner
590 Views

Are you kidding? I am able to run Windows 10 x64 on Core 2 Duo Conroe and Penryn - tested, no problems at all. The same on Nehalem. Since the architecture is x86, it is supported. Maybe not officially but it works without issues.

And as for the AMD bugs - this was a pure stock market manipulation attempt. AMD was notified only 24 hours before making it public while Intel did nothing about Spectre / Meltdown during 6 months of 2017! Intel's CEO even sold company shares knowing about the defects and they released Coffee Lake knowing about those defects. AMD will fix all the mentioned issues in comming months without any impact on performance.

https://seekingalpha.com/article/4157242-amd-cts-labs-story-failed-stock-manipulation https://seekingalpha.com/article/4157242-amd-cts-labs-story-failed-stock-manipulation

Intel will not fix Spectre on older CPUs and Meltdown is not fixed on 32bit architectures making those CPUs unsafe on such systems, not to mention dramatic performance hit in I/O intensive applications:

"Addressing a hardware vulnerability with a software update presents significant challenges and mitigations for older operating systems that require extensive architectural changes. The existing 32 bit update packages listed in this advisory fully address CVE-2017-5753 and CVE-2017-5715, but do not provide protections for CVE-2017-5754 at this time. Microsoft is continuing to work with affected chip manufacturers and investigate the best way to provide mitigations for x86 customers, which may be provided in a future update."

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

AMD in the past had reliability issues with some Phenom processors - they replaced them. The same with some early Ryzen. Intel designed Atom C2000 so all will die prematurely and did nothing to compensate customers. Intel has bugs in Management Engine they will not fix for older architectures.

Sorry to say, but because of all those issues during past years, Intel's products can no longer be considered reliable and Intel's reputation took a great hit during past years. Currently AMD looks much more trustworthy as they do not have unfixed dramatic reliability problems and when they had some problems, they always did their best to fix them and to compesate customers. Intel behaves like a large corporation that only looks at current financial targets and doesn't care about customers.

0 Kudos
AlHill
Super User
590 Views

You did not read my response correctly.

I NEVER said Windows 10 would not run. I said it was not supported. As for the rest of your diatribe, you are entitled to your opinion, just as I am to mine.

Good luck moving forward.

Doc

0 Kudos
n_scott_pearson
Super User
590 Views

And I would add that, regardless of the actions of the slimy company that reported the AMD processor vulnerabilities (hopefully, their actions will garner them some serious fines and possibly jail time), almost all of those vulnerabilities have been verified to exist.

While you are entitled to your opinions and your purchase decisions are yours to make, trying to use this is a threat is beneath you. That's what children do. If you want to do it, go do it someplace else; it's not going to get you anything here other than our disdain.

...S

0 Kudos
AlHill
Super User
590 Views

How do you feel about your processor NEVER being supported on Windows 10?

https://www.intel.com/content/www/us/en/support/articles/000006105/processors.html Does My Intel® Processor Support Microsoft Windows® 10?

Your Penryn processor is a decade old, and all of them have been discontinued:

https://ark.intel.com/products/codename/26543/Penryn# @Penryn Products formerly Penryn

Just wait until Microsoft pulls the plug on support of these old processors on Windows 10.

Or, you can be prepared and upgrade now.

Doc

0 Kudos
Reply