Skip to main content

Intel decides not to patch Spectre vulnerability for older processors

Intel Announces The Xeon 5100 Microprocessor For Servers
Court Mast/Intel via Getty Images

Intel revealed that it will not be issuing Spectre patches to a number of older Intel processor families, potentially leaving many customers vulnerable to the security exploit. Intel claims the processors affected are mostly implemented as closed systems, so they aren’t at risk from the Spectre exploit, and that the age of these processors means they have limited commercial availability.

The processors which Intel won’t be patching include four lines from 2007, Penryn, Yorkfield, and Wolfdale, along with Bloomfield (2009), Clarksfield (2009), Jasper Forest (2010) and the Intel Atom SoFIA processors from 2015. According to Tom’s Hardware, Intel’s decision not to patch these products could stem from the relative difficulty of patching the Spectre exploit on older systems.

“After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products,” Intel said. “Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.”

Because of the nature of the Spectre exploit, patches for it need to be delivered as an operating system or BIOS update, and if Microsoft and motherboard OEMs aren’t going to distribute the patches, developing them isn’t much of a priority.

“However, the real reason Intel gave up on patching these systems seems to be that neither motherboard makers nor Microsoft may be willing to update systems sold a decade ago,” Tom’s Hardware reports.

It sounds bad, but as Intel pointed out, these are all relatively old processors — with the exception of the Intel Atom SoFIA processor, which came out in 2015 — and it’s unlikely they’re used in any high-security environments. The Spectre exploit is a serious security vulnerability to be sure, but as some commentators have pointed out in recent months, it’s not the kind of exploit the average user needs to worry about.

““We’ve now completed release of microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discovered by Google Project Zero,” said an Intel spokseperson. “However, as indicated in our latest microcode revision guidance, we will not be providing updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback.”

If you have an old Penryn processor toiling away in an office PC somewhere, you’re probably more at risk for a malware infection arising from a bad download than you are susceptible to something as technically sophisticated as the Spectre or Meltdown vulnerabilities.

Jayce Wagner
Former Digital Trends Contributor
A staff writer for the Computing section, Jayce covers a little bit of everything -- hardware, gaming, and occasionally VR.
Intel says GPUs supporting older games is still ‘a work in progress’
Intel Arc Alchemist reference design render.

Intel has just shared a video update regarding the current state of gameplay on its Arc Alchemist GPUs. In a previous video, it was made clear that Intel's cards may struggle with games that aren't running on DirectX 12.

Intel Arc Graphics | Intel Arc Graphics Q&A - Legacy & Newer APIs

Read more
Intel processors may get a lot more expensive, giving AMD an edge
A render of an Intel Core HX chip.

According to a new report, Intel might be about to introduce a substantial pricing increase on the majority of its catalog. Unfortunately, this also includes consumer-level processors. The company cites an increase in production and material cost as the reason why it decided to up its prices.

For the customers, it all comes down to one thing -- PC hardware and pre-built desktops and laptops might get a lot more expensive. The two key questions are: How much worse will the prices get, and how will Intel's competitors respond to this decision?

Read more
Vulnerability steals data from Intel and AMD CPUs — and you’re probably affected
A technician placing a CPU into a motherboard socket for a PC.

Researchers just outlined a new vulnerability that affects processor chips -- and it's called Hertzbleed. If used to conduct a cybersecurity attack, this vulnerability can help the attacker steal secret cryptographic keys.

The scale of the vulnerability is somewhat staggering: According to the researchers, most Intel and AMD CPUs might be impacted. Should we be worried about Hertzbleed?

Read more