Intel Issues New CPU Microcode Going Back To Gen8 For New, Undisclosed Security Updates
Well, this is a bit strange... Intel just published Friday afternoon CPU microcode updates for all supported processor families back to Coffee Lake "Gen 8" for undisclosed security updates.
Earlier this week was Patch Tuesday and Intel issued a round of new security advisories for various -- mostly software -- security issues. Of this month's security advisories, there was nothing pertaining to CPU microcode explicitly nor any "Intel Processor" advisories this month.
But hitting this Friday afternoon now for the Intel Linux CPU microcode repository are a new set of firmware binaries... The mentioned change is "Security updates for [INTEL-SA-NA]." The ID format is for the Intel Security Advisory (SA) and presumably NA is for "Not Available." Given it's dropping a few days past Patch Tuesday, it would appear to be for some new and not publicly disclosed issue.
Concerning as well is the scope of the new CPU microcode for the security update(s) are basically all supported CPU families. From Gen8 Coffee Lake and Whiskey Lake Mobile up through the latest Xeon Scalable Gen 4, Xeon Max, and Gen 13 Raptor Lake are all updated. Plus this is the first time seeing updated CPU microcode published for Alder Lake N CPUs as well as Atom C1100 "Arizona Beach" platforms.
Given the Friday afternoon drop following Patch Tuesday, security updates for an unpublished Intel Security Advisory, and the wide range of processors affected, I'm quite curious about this CPU microcode update. I'll be testing it over the weekend on some Intel CPUs to at least see if there is any performance impact of the new microcode. On Saturday I should have up an initial assessment if I find any measurable performance impact as a result of the new CPU microcode.
Linux users can find the new Intel CPU microcode files via this GitHub page. Those on Windows and other platforms will likely soon find the updated CPU microcode updates coming down through their respective channels.
Update [15 May]: An Intel spokesperson reached out today to share that this microcode update does not contain any security updates. Rather confusingly, the "Purpose: Security updates for [INTEL-SA-NA]" they say is to convey there are not any security updates. For past CPU microcode updates when there were no security fixes, this line was not present as for example last November's microcode update just laid out the "Update for functional issues" as the release explanation. As to what is changed though in this microcode revision spanning all these CPU generations, per Intel communications, there are unspecified functional updates.
Earlier this week was Patch Tuesday and Intel issued a round of new security advisories for various -- mostly software -- security issues. Of this month's security advisories, there was nothing pertaining to CPU microcode explicitly nor any "Intel Processor" advisories this month.
But hitting this Friday afternoon now for the Intel Linux CPU microcode repository are a new set of firmware binaries... The mentioned change is "Security updates for [INTEL-SA-NA]." The ID format is for the Intel Security Advisory (SA) and presumably NA is for "Not Available." Given it's dropping a few days past Patch Tuesday, it would appear to be for some new and not publicly disclosed issue.
Concerning as well is the scope of the new CPU microcode for the security update(s) are basically all supported CPU families. From Gen8 Coffee Lake and Whiskey Lake Mobile up through the latest Xeon Scalable Gen 4, Xeon Max, and Gen 13 Raptor Lake are all updated. Plus this is the first time seeing updated CPU microcode published for Alder Lake N CPUs as well as Atom C1100 "Arizona Beach" platforms.
Given the Friday afternoon drop following Patch Tuesday, security updates for an unpublished Intel Security Advisory, and the wide range of processors affected, I'm quite curious about this CPU microcode update. I'll be testing it over the weekend on some Intel CPUs to at least see if there is any performance impact of the new microcode. On Saturday I should have up an initial assessment if I find any measurable performance impact as a result of the new CPU microcode.
Linux users can find the new Intel CPU microcode files via this GitHub page. Those on Windows and other platforms will likely soon find the updated CPU microcode updates coming down through their respective channels.
Update [15 May]: An Intel spokesperson reached out today to share that this microcode update does not contain any security updates. Rather confusingly, the "Purpose: Security updates for [INTEL-SA-NA]" they say is to convey there are not any security updates. For past CPU microcode updates when there were no security fixes, this line was not present as for example last November's microcode update just laid out the "Update for functional issues" as the release explanation. As to what is changed though in this microcode revision spanning all these CPU generations, per Intel communications, there are unspecified functional updates.
9 Comments