Some older Intel chipsets will never receive a patch against Spectre variant 2.
Intel have recently updated their schedule for planned microcode updates to patch against the Spectre variant 2.
It has revealed that certain older chipsets will not be receiving patches to protect against the Spectre variant 2 vulnerability.
Ondrej Kubovič, ESET Security Awareness Specialist, comments on end-of-life/end-of-support in technology, as well as how owners of the still vulnerable chips can best protect themselves.
“This approach by Intel is not completely new. End-of-support for legacy systems is a standard procedure usually triggered by development of new and more advanced hardware and software, or changes in the way people interact with their devices.
“What’s interesting about this case is that it might be the first time when major bugs - such as Meltdown and Spectre – were the main accelerator for this process.
“Non-patching of the mentioned vulnerabilities should affect mostly CPUs that were manufactured more than 5 years ago.
“We can only hope this will give Intel more space to concentrate on the patching of the still widely-used systems and only isolated and sparsely used systems will be left out of the patching loop.
“For those still using vulnerable components: These flaws enable attackers to harvest information, not to modify them. Therefore, if the system contains no personal or sensitive data, or is used for other purposes but not for browsing, it should be relatively secure.
“Also users can improve their security by applying Meltdown and Spectre patches issued by OS, browser and other software developers.
“Of course, the safest thing to do is to replace the vulnerable hardware for newer non-vulnerable components. In case HW replacement or patching is not possible, users can also air gap their system to stay out of attacker’s reach.”
Have you, or your place of business, changed any hardware due to Spectre and Meltdown? Let us know on Twitter @ESETUK.