Intel will not patch your pre-2011 PC or laptop against Spectre and Meltdown flaw

04 Apr 2018
If You Have Old PC/Laptop Models Intel Will NOT Release Patch For Spectre And Meltdown Flaw

If You Have Old PC/Laptop Models Intel Will NOT Release Patch For Spectre And Meltdown Flaw

If you have been following cybersecurity news, Intel chips were in news in 2017 for two famous flaws Spectre and Meltdown. The risks from these two vulnerabilities were so great that a potential hacker could remotely control your PC/Laptop once he/she had exploited the flaw. The newsbreak of Spectre and Meltdown flaws caused a huge furor with Intel shares dropping over 10 percent when the flaws were leaked. Intel had immediately released a public statement saying that it will release a fix for all Intel chips against these two critical vulnerabilities.

But the latest news is that if you own older especially pre-2011 model Intel run PC/laptop or server, you will not be getting the Spectre and Meltdown fix from Intel. For some strange reason, Intel is issuing a patch for an only fixed number of chips manufactured by it leaving the older computers and laptops vulnerable to hack attacks.

Intel’s Microcode Revision Guidance, dated April 2 states that the Spectre and Meltdown patch will be released only for a select few chip families. The product families for which the patch will be released include chips from Intel’s Core, Celeron, Pentium, and Xeon-branded CPUs.

The microprocessor maker has already released microcode updates to fix the Spectre v2 vulnerability for many of its processors going back to the second generation Core (Sandy Bridge). However, owners of older PCs and laptops were awaiting a similar patch release for their machines. With the latest guidance, Intel has essentially put an end to their microcode program and will be leaving many PCs and laptops vulnerable to the Spectre and Meltdown exploits.

Intel’s Microcode Revision Guidance cites following reasons for not issuing patches for older computers.

  • Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)
  • Limited Commercially Available System Software support
  • Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.

Although most of the CPUs in the “stopped” list are oldies that were sold between 2007 and 2011 the risks of leaving them unpatched is too great.

RELATED POST

Leave a reply