When the Spectre and Meltdown bugs hit, it became clear that they wouldn’t be fixed with a few quick patches — the problem runs deeper than that. Fortunately, Intel has had plenty of time to work on it, and new chips coming out later this year will include improvements at the hardware/architecture level that protect against the flaws. Well, two out of three, anyway.
CEO Brian Krzanich announced the news in a company blog post. After thanking a few partners, he notes that all affected products from the last 5 years have received software updates to protect them from the bugs. Of course, the efficacy of those updates is debatable, as well as their performance hits — and that’s if your hardware vendor even gets a patch out. But at any rate, the fixes are available.
There are actually three semi-related bugs here: Spectre is variants 1 and 2; then there’s variant 3, which researchers dubbed Meltdown. Variant 1 is arguably the most difficult of them all to fix, and as such Intel doesn’t have a hardware solution for it yet — but variants 2 and 3 it has in the bag.
“We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3,” Krzanich writes. Cascade Lake Xeon and 8th-gen Core processors should include these changes when they ship in the second half of 2018. Although that’s a bit vague, we can be certain that Intel will prominently advertise what new chips include the mitigations as we get closer to release.
Lastly, even older hardware will be getting the microcode updates — back to the 1st-gen Core processors. Remember Nehalem and Penryn? Those will be patched in time, as well. Anyone surprised that a Nehalem system is still in use anywhere probably hasn’t worked in IT at a big company or government agency. I bet there are 98SE systems running on Pentiums somewhere in the Department of Energy.
This announcement doesn’t require anything from users, but keep your computer up to date if you know how, and ask customer service for your device provider if you’re not sure.