Intel has stopped developing microcode updates to close the Meltdown vulnerability for older CPUs. This can be seen in the latest revision of Intel's Microcode Update Guidance.
Originally, Intel intended to offer microcode updates for all CPUs up to 5 years old to close the Meltdown/Spectre 2 vulnerability. At least that was my understanding. German blog reader Stefan P. pointed out to me that Intel has changed its mind.
In March 2018 Intel planned further updates
If you look at the Intel PDF document Microcode Update Guidance dated March 6, 2018, you will find not only a list of CPUs for which microcode updates have been released, but also further microcode updates planned for the near future.
I’ve addressed this within my blog post Intel Spectre/Meltdown Microcode Updates (March 11, 2018).
Intel stopped microcode update development
A new revision of the Microcode Update Guidance from April 2, 2018, available as a PDF document, changes some things. Browsing through the pages of this PDF document shows entries like the following.
The microcode updates for Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0 and E0, Jasper Forest, Penryn/QC, SoFIA 3GR, the Wolfdale family and the Yorkfield CPUs are listed as “Stopped”. Intel gives the following reason for the ‘Stopped’ status:
Stopped – After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products for one or more reasons including, but not limited to the following:
• Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)
• Limited Commercially Available System Software support
• Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.
Intel has stopped the development of microcode updates because the microarchitecture prevents the development of patches, the CPUs have ‘little practical significance’ or because customers use the CPUs in closed systems and do not expect any attacks there.