Intel Deploys Undisclosed Microcode Security Update For CPUs Going Back To Coffee Lake

As spotted by the Linux publication Phoronix, Intel released a CPU microcode update on Friday afternoon for its processors dating back to Coffee Lake. Unfortunately, the changelog doesn’t go into detail beyond stating that the new microcode fixes an undisclosed security issue.
This security issue did not appear on the list for Patch Tuesday, the colloquial term for the second Tuesday of each month, when companies release their patches. Additionally, Phoronix pointed out that there was no mention of CPU microcode updates or new Intel security advisories this month.
A security advisory is a fix for a vulnerability that Intel has discovered that affects its products. Given the sudden release of CPU microcode, it’s safe to assume that this is likely a new vulnerability that Intel hasn’t publicly announced yet. However, it’s not unheard of for chipmakers to release security updates or microcode before problems surface.
Nayeli Rico, a BIOS engineer at Intel, released the release notes and source code for microcode-20230512 20 hours ago. The description says: “The next security update [INTEL-SA-NA].” The acronym “SA” probably stands for Security Advisory, while “NA” probably stands for “Not Available”.
Whatever the security vulnerability is, it evidently affects many of Intel’s platforms, including the latest consumer Intel 13th Gen Core Raptor Lake and 4th Gen Xeon Sapphire Rapids server chips. However, this is the first time recent lineups such as Alder Lake-N and Atom C series (Arizona Beach) have received microcode updates. The long list includes desktop processors dating back to the Coffee Lake era and mobile chips starting with Kaby Lake.
Without proper documentation, the scope of a security problem cannot be assessed. Intel’s list only includes platforms that receive new microcode. It is not specified if this issue only affects the listed platforms or if legacy processors prior to Coffee Lake are also affected.
Motherboard vendors usually include new microcode in their firmware updates. However, unless it’s an immediate issue, it may take some time before the manufacturer releases new firmware. In some cases, it may be faster for the chip manufacturer to push microcode updates through Windows Update. However, this delivery method has its drawbacks because it does not modify hardware or firmware. Instead, the operating system must load the microcode on every reboot.
Meanwhile, the new CPU microcode update has already arrived in Linux, and Phoronix has already conducted tests to measure its performance impact on Intel’s mobile Alder Lake-P processors and desktop Raptor Lake processors. Windows users should receive microcode soon.
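Because OS-delivered microcode is reloaded at every boot rather than stored in firmware, the revision actually running has to be checked on the live system. The following is an added example, not part of the original article or Intel's release: it parses Linux `/proc/cpuinfo` text, reports the revision per logical CPU, and flags cores below a required revision or running mixed revisions. The sample input and revision numbers are constructed, and it assumes revisions for a given CPU model increase numerically.

```python
import re

# Constructed sample of /proc/cpuinfo content (two logical CPUs, trimmed).
# Revision values are made up for illustration, not taken from Intel's release.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 158
stepping\t: 10
microcode\t: 0xf0

processor\t: 1
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 158
stepping\t: 10
microcode\t: 0xf4
"""

REQUIRED = ("processor", "cpu family", "model", "stepping", "microcode")

def parse_cpuinfo(text):
    """Return {logical_cpu: (family, model, stepping, microcode_revision)}."""
    cpus = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if any(name not in fields for name in REQUIRED):
            continue  # non-x86 layout or truncated block
        cpus[int(fields["processor"])] = (
            int(fields["cpu family"]), int(fields["model"]),
            int(fields["stepping"]), int(fields["microcode"], 16))
    return cpus

def audit(text, minimum_revision):
    """Flag CPUs below minimum_revision and mixed revisions across cores."""
    cpus = parse_cpuinfo(text)
    revisions = {rev for *_, rev in cpus.values()}
    outdated = sorted(c for c, (*_, rev) in cpus.items() if rev < minimum_revision)
    return {"revisions": [hex(r) for r in sorted(revisions)],
            "mixed": len(revisions) > 1,
            "outdated_cpus": outdated}

if __name__ == "__main__":
    # Live system: audit(open("/proc/cpuinfo").read(), <revision from the release notes>)
    print(audit(SAMPLE_CPUINFO, minimum_revision=0xF4))
```

Run it after each reboot or kernel/initramfs change, using the revision listed for your CPU model in the release notes as `minimum_revision`.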