Intel updated its patch guide for Specter this week, continuing the months-long process to solve the critical security problem. Although the company had previously said it planned to patch all the affected chips, today it clarified that some product lines will not receive updates. Most are older and, presumably, are not as used. They include: the Bloomfield line, Clarksfield, Gulftown, Harpertown, Jasper Forest, Penryn, SoFIA 3GR, the Wolfdale line and the Yorkfield line.
Intel says it has stopped producing these fixes for three reasons, in its words:
– Micro architectural features that prevent a practical implementation of the features that mitigate Variant 2 (CVE-2017-5715)
-Commercially limited system software support
– Based on customer input, most of these products are implemented as "closed systems" and, therefore, are expected to have a lower probability of exposure to these vulnerabilities.
I would expect that most companies have updated some of these older systems, which date back to 1998. But at least one of these chips, the SoFIA 3G, is from 2015, which is not very old. Intel, it seems, can not find a way to fix its entire product portfolio and, instead, recommends that users update their processor if they want protection.
The company has continuously fought to patch up Specter. Earlier this year, he advised users to stop implementing these patches because they caused constant restarts. Then he adjusted the corrections and resumed the launch. Still, it's now April, and Intel continues to work on these patches, almost a year after it first learned about the security flaw. That is not great!