Intel is revealing today that the company is introducing hardware protections against the Spectre CPU flaw that was discovered last year. While the Meltdown vulnerability will continue to be addressed through software updates, Intel CEO Brian Krzanich says the company has “redesigned parts of the processor to introduce new levels of protection through partitioning” that will protect against the Spectre variants. Intel’s next-generation Xeon processors (Cascade Lake) will include the new partitioning, alongside 8th generation Intel Core processors that ship in the second half of 2018.
The partitioning will work as an extra protective wall between regular applications and the user privilege levels to deter vulnerabilities like Spectre. Owners of existing Intel processors, which lack the new partitioning, will have to continue to rely on firmware updates for Spectre protection, and those updates also carry potential performance impacts. That doesn’t appear to be the case for Intel’s future products. “As we bring these new products to market, ensuring that they deliver the performance improvements people expect from us is critical,” says Krzanich. “Our goal is to offer not only the best performance, but also the best secure performance.”
Intel is also revealing today that firmware updates are now available for 100 percent of its products launched in the last five years. Microsoft recently started bringing Intel’s Spectre firmware updates to its own Microsoft Update catalog, allowing IT admins to easily distribute them to systems.
Intel has previously issued buggy firmware updates that caused some system reboots. Microsoft was forced to issue an emergency Windows update to allow system administrators to reverse Intel’s patches, but it looks like Intel’s latest updates aren’t causing the issues we’ve seen before. Intel is now facing at least 32 lawsuits over the Meltdown and Spectre vulnerabilities, as the company continues to respond to the security problems that Google’s Project Zero team first reported back in June. It was also revealed last month that Intel didn’t warn the US government about the Meltdown and Spectre CPU flaws until the details were made public in January.