Intel has reached one Meltdown/Spectre milestone and is moving on to the next one. The company plans to add “partitioning” to processors later this year to protect against two of the Spectre processor vulnerabilities, it said Thursday.
Intel said last week that it had begun sending patches for its Ivy Bridge and Sandy Bridge chips to its PC hardware partners, leaving just a few niche chips to be patched. That process has now been completed, Intel said Thursday, covering all of its processors released in the last five years.
Of the three side-channel attacks making up Spectre and Meltdown, the first Spectre vulnerability variant has essentially been patched via software. That code was originally authored by Intel, then routed to customers via hardware makers and Microsoft. Microsoft supplied OS patches as well as Intel’s microcode via Windows Update. But software patches alone won’t be enough to patch the second Spectre variant, as well as Meltdown. Both will demand hardware revisions, which will roll out later this year.
To accomplish that, Intel said it had designed “partitions” to protect against Spectre variant 2 and Meltdown. Those partitions will first appear within the next-generation Xeon, code-named Cascade Lake, as well as an unnamed 8th-generation Core chip expected to ship during the second half of 2018.
Put very broadly, Intel said these partitions would reinforce the protective walls between applications and privileged user levels that both Spectre and Meltdown breached by exploiting a weakness in speculative execution techniques. Though other processor vendors like ARM and AMD were also potentially affected, Intel’s chips were considered to be most vulnerable.
Leaked Intel roadmaps have already suggested that Intel’s desktop roadmap will be relatively spartan throughout 2018, with Coffee Lake chips dominating mainstream consumer PCs, and Skylake-X chips shipping for the enthusiast space. According to photos of its roadmap shared by KKJ.cn and others, Intel plans to update Skylake-X with a Cascade Lake-X chip beginning in the fourth quarter, along with Cascade Lake Xeon chips.
Intel said last May that the Cascade Lake Xeon chips will natively support what Intel calls “persistent memory,” essentially an Optane or 3D XPoint storage solution inside a DRAM form factor. It’s not clear whether Cascade Lake chips for the desktop will include the same persistent memory support.
What this means for you: The best way to protect your Intel-based PC from Spectre and Meltdown is to keep it patched and up-to-date—both from your OS vendor as well as from your motherboard vendor. (Microsoft has stepped in to provide microcode updates, assisting smaller vendors who wouldn’t or couldn’t provide timely patches.) What we don’t know is how serious Meltdown and Spectre will be, long-term—whether an exploit will ever arise that would force PC users to upgrade from vulnerable older chips.