Intel Says Some CPU Models Will Never Receive Microcode Updates

An anonymous reader writes: Intel released an update to the Meltdown and Spectre mitigation guide, revealing that it stopped working on mitigations for some processor series. The Meltdown and Spectre mitigation guide is a PDF document that Intel published in February. The file contains information on the status of microcode updates for each of Intel's CPU models released in the past years. Intel has constantly updated the document in the past weeks with new information about processor series and the microcode firmware version number that includes patches for the Meltdown and Spectre flaws.

An update published on Monday includes for the first time a "Stopped" production status. Intel says that processors with a "Stopped" status will not receive microcode updates. The reasons basically vary from "redesigning the CPU micro-architecture is impossible or not worth the effort" to "it's an old CPU" and "customers said they don't need it." The following Intel processor products received a "Stopped" status marker: Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon.

This is BS.

[Joey+Vegetables]

I'm sorry, but if I'm investing in a high-end, server-class CPU, I expect it to be supported for as long as is reasonably possible. If they said they weren't updating 10 year old Celerons or Atoms, that might be understandable. But Xeons? Let's just say I don't plan to every buy one again, at least so long as AMD represents a reasonable alternative. In fact, I will always stick with AMD (as I long have, for other reasons) until and unless Intel makes some kind of definite, enforceable support commitment.

Re:This is BS.

[kelemvor4]

I'm sorry, but if I'm investing in a high-end, server-class CPU, I expect it to be supported for as long as is reasonably possible. If they said they weren't updating 10 year old Celerons or Atoms, that might be understandable. But Xeons? Let's just say I don't plan to every buy one again, at least so long as AMD represents a reasonable alternative. In fact, I will always stick with AMD (as I long have, for other reasons) until and unless Intel makes some kind of definite, enforceable support commitment.

Look at the release dates for the specific Xeons on their list. For example, the W3520. It was released 9 years ago. I don't blame them one bit for not updating ancient chips like that. If it was a chip released in 2016 I think owners could reasonably be upset. Intel only provides 3 year warranties on Xeon processors. If they were feeling generous, they might provide updates for chips 5 years out...

Re:This is BS.

[Joey+Vegetables]

Hello Intel troll. Sorry you're feeling even more inadequate today than usual. Given the news, I can't say I blame you.

Re:This is BS.

[Joey+Vegetables]

None of this makes me feel any more inclined to favor Intel over AMD. This isn't their first "brown paper bag" bug and I doubt it will be their last. If only a 3 year warranty is even offered on some of the highest-end chips they made at the time, when some new cars are warrantied for 10, I think that says something really awful about even Intel's own assessment of whether its products can be supported in the long term. AMD may or may not be drastically better, but Intel has set a very low bar, and it is going to take them serious time to earn back my business, assuming they ever do.

Re:This is BS.

[Archtech]

The processor of the PC on which I am writing this is just ten years old. Why do you believe that a ten-year-old processor should not be in use? (You should see my car: it's 18 years old. But then it's a Volvo, properly designed and robustly built).

It's not even as if you can buy processors today that are very much faster than my ancient i7-940. Their price/performance may be better, but guess what? I don't care because I *already paid for mine*. Of course, I am referring to single-core performance which is the limiting factor for most desktop applications. The i7-940 has four cores, which I feel is about right for a desktop - any software that does benefit from parallelism will see a significant speed-up.

Perhaps you are a devotee of the cult of technical progress. In which case you should take a long look at the facts, and understand that Intel microprocessors are not a very good example of such progress.

Re:This is BS.

[Aaden42]

Realistically most enterprise customers use hardware for 3 to a MAXIMUM of 5 years, then it's out the door. Even high-end Xeon CPU's. It's entirely plausible that the bulk of actual enterprise customers(*) don't care.

(*) Note: actual enterprise customers, not nerds who buy surplus servers off eBay to run in their basements.

Disclaimer: I am one such nerd.

Re:This is BS.

[MightyYar]

I wish! We still have SPARC machines.

Re:This is BS.

[Barny]

Yes and no. I had an i7 960 myself, and was starting to find performance slipping on some media tasks (in my case exporting in GIMP) as well as general multitasking. I was planning an upgrade, and looked at the sky-high prices of modern intel CPUs, and decided to try AMD. Quite happy with my Rizon 1700X system I built, and I have yet to see it actually slow down at all.

Note: the i7 960 is still in use. It got migrated down the chain of ownership to be the center of a FreeNAS box. As such I don't need the microcode upgrade for it, since no potentially hostile code runs on it.

Re:This is BS.

[rahvin112]

Hah, Most enterprises are using computers for a minimum of 5 years now because the hardware isn't improving at a fast enough rate. As an example, Anandtech recommended that with the most recent Kaby Lake processors it was finally worth it to replace Sandy Bridge processors as KL finally represented a 20 percent increase in performance over SB. KL and SB are more than 10 year apart (KL is generation 8 Core Microarchitecture, and SB is generation 2 Core Microarchitecture) that means it took 6 revisions before there was a 20% difference in performance.

CPU performance growth has drastically slowed since about 2008, you'd have to be crazy to replace a PC before 5 years at this point because there is literally no benefit to doing so.

Re:This is BS.

[luvirini]

Well, as example one of our customers has following servers in their server room doing variety of tasks:

-One is brand new and is the primary server running a bunch of virtual machines.
-A second is the four or five year old server that it replaced and is retained as backup to run the virtual machines if needed.
-The main production management system has 2 servers (main and backup), both were bought in 2007/2008. (so approx 10 years).
-There is the exchange server from about 2011(so about 7 years). Will be removed this summer so one less old server after that.
-There is the warehouse system that was migrated to a new server about 2005. It requires a dongle placed on a parallel port and a NT 3.51 driver, that luckily apparently works in server 2003 at least.
-There is the telephony server from about 2011 or 2012.

That customer is the most obvious such, but there is a surprising number of old servers here and there, though more and more of them are being replaced by cloud solutions or moved into virtual machines.

The main servers are often fairly new, but there is a surprising number of special servers doing some specific thing that were bought at one time and never updated, that could usually be migrated to virtual machines but many customers are reluctant to do anything on a system that works.

Looking at a few customers documentation there is quite often at least one server running something like windows server 2003 in the original server it was installed on.

Re:This is BS.

[blind+biker]

AMD may or may not be drastically better,

Seeing as though AMD CPUs are not susceptible to Meltdown, I would say they have an enormous advantage over intel's. The fact is that Meltdown, unlike Spectre, is very easily exploitable in practical terms, and is the one people should be actually worried about.

PDF ends with "Intel - Experience what's inside"

[JoeyRox]

Apparently what's inside is the experience of abandonment.

Code names

[H3lldr0p]

Can we get a run down of the retail names for these CPUs? I feel like Intel is running a fast one on us through these code names.

Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon

Are these 2012 or 2014 i5s or i7s? Xeons, are they the server or high end desktop kinds. Did HP or IBM use them in their products? Where should I be looking for more information guys?

Re:Code names

[EvilSS]

Where should I be looking for more information guys?

Maybe start with the linked PDF instead of asking in here like Intel reads /.

Re:Code names

[Xenolith0]

Wikipedia has a nice table: https://en.wikipedia.org/wiki/List_of_Intel_CPU_microarchitectures#Pentium_4_/_Core_Lines

Admission of inadequacy

[Archtech]

'Intel says that processors with a "Stopped" status will not receive microcode updates. The reasons basically vary from "redesigning the CPU micro-architecture is impossible or not worth the effort" to "it's an old CPU" and "customers said they don't need it."'

Well, I am writing this on an Intel Core i-7 940, and I *do* need it. I paid quite a lot for this PC (although a while ago) and I don't see why I should not expect it to work reliably.

In general, moreover, it seems axiomatic that anyone who owns and is using one of those processors marked "Stopped" does need a fix.

It seems that Intel is ready to admit that it was (and may be still) unable to design and build processors that were dependably secure in normal operation.

Also that it is willing to let its customers down without compensation.

Re:Admission of inadequacy

[nbritton]

Well, I am writing this on an Intel Core i-7 940, and I *do* need it. I paid quite a lot for this PC (although a while ago)

Do you know that you can pickup a Xeon X5670 for $30 on eBay?

Re:Gah please don't shoot us!

[Opportunist]

Live by the QWORD, die by the QWORD.

and Manhattan erupted in

[nimbius]

the deafening cacophony of cheers and laughter as class action suit attorneys joined hands together again in a fit of glorious praise. For today, the Intel legal team had truly blessed them with a bountiful harvest. Yes, truly, the second summer home in the Hamptons would see a new wet bar and game room after all.

Re:TRUMP's FAULT!!

[Penguinisto]

...didn't realize Trump worked for Intel's marketing department ;)

On a more serious note, the real reason is kinda two-fold:

* The marketing ROI is crap for many of these CPU models, to the point where the goodwill generated is gonna be way too low for the effort required to implement the fixes in them.

* The second reason can be summed up as "...maybe it's time to for you to buy some new gear...", which is still pretty much in Intel's favor (of course there's always going to be folks who get pissy enough about it to buy AMD CPU gear, but I'm betting that since most folks only see these fixes as a hindrance, the number of people going to AMD over this is not much more than statistical noise...)

Re:Old CPU's...and does it matter?

[freeze128]

A BIOS update would certainly be nice, but it's not necessary. The OS can apply microcode updates (both windows and linux) during boot time. Also, these microcode updates don't survive a power-off event. There is no flash memory on the CPU. The OS would need to apply the microcode on every boot, which is what it does.

This is not entirely fair.

[emil]

AMD isn't pushing a Spectre fix for older CPUs. Nor is Qualcomm for Snapdragon. Nor is Samsung for Exynos. We could go on for quite a long time with such a list.

If you need the fix for your i7 which Intel has abandoned (just like all the vendors above), run a modern Linux kernel where you see the file /sys/devices/system/cpu/vulnerabilities/spectre_v2. If this file contains the word "Full" then your kernel is protected, and you don't need microcode.

The microcode is only required on Skylake and newer for full remediation.

Cortex A75

[emil]

Do you think that ARM will be replacing all the Cortex A75s that are vulnerable to the full range of Meltdown and Spectre vulnerabilities? Are we sure that Apple's ARM implementations will have superior security architecture?

Unrealistic expectations

[sjbe]

None of this makes me feel any more inclined to favor Intel over AMD. This isn't their first "brown paper bag" bug and I doubt it will be their last.

AMD has bugs in their chips too. They're vulnerable to Spectre as well.

If only a 3 year warranty is even offered on some of the highest-end chips they made at the time, when some new cars are warrantied for 10

You only see a 10 year warranty on powertrains (which seldom break) and even then it isn't a 10 year warranty, It's typically a 10 year OR 100,000 mile warranty, whichever comes first. The comprehensive warranties are 3-5 years OR 30-50K miles.

I think that says something really awful about even Intel's own assessment of whether its products can be supported in the long term.

Find me ANY large chip maker offering support on a ten year old chip. Why would they offer support on chips that by computer industry standards are ancient when none of their competitors do either? AMD certainly isn't offering 10 year warranties.

AMD may or may not be drastically better, but Intel has set a very low bar, and it is going to take them serious time to earn back my business, assuming they ever do.

Sounds to me like you already preferred AMD and were just looking for a reason to bash Intel. If you prefer AMD that's fine. They make good products in general and I'd have no quarrel with someone choosing AMD chips. But if you think AMD is going to be any better on the support front than Intel you are being naive.

Baby I'm Amazed

[jonesy16]

The sheer number of insults being thrown at Intel over this issue is pure amazement. Comparisons to cars (#causeSlashdot) and of course to AMD (#flameon), but it seems to me that there are far too great of expectations for the level of support a company should provide, especially given the sheer complexity of a processor and how it relates to security threats. To expect the design of something like a general purpose CPU to be perfect out of the door and error-free for the next several decades seems ridiculous to me. The claims that people now have to throw away their hardware because of this seem equally ridiculous.

At some point, ANY for-profit company is going to stop supporting an old product, especially in a low-margin environment. The sheer rate of technological advancement almost necessitates that. Let's stop blaming Intel for what is effectively an industry-normal rate of support. Consider that 10 years ago:

We were on the 2.4 Linux Kernel (no longer supported with updates)
Intel Processors were running on LGA775 sockets (NewEgg sells only 2 compatible motherboards directly, both from ASRock. ASUS/Gigabyte/ETC all don't sell compatible motherboards anymore)
We were running RHEL 2/3/4, all of which are no longer supported

But I don't see anyone griping that these other entities are engaged in the practice of forced upgrades, leaving their trusted and loyal customers hanging in the face of growing security concerns. So maybe all the Intel bashing should either subside or should be expanded to the entire industry, but I think the latter is a bit naive. Security threats evolve, new ones are created, old ones forgotten or mitigated. If it were easy, there wouldn't be a dozen new packages to update my OS every day. Remember that Intel can't just push all updates to these older architectures by themselves either, some require BIOS updates and now you're expecting motherboard companies to update a product they haven't touched in a decade as well.

Re:Baby I'm Amazed

[dmpot]

Consider that 10 years ago:

We were on the 2.4 Linux Kernel (no longer supported with updates)

Linux 2.6 was released in December 2003.

Re:Please join class action lawsuits

[xxxLCxxx]

We could add a few more:

• CEO - illegally - selling all his shares after he received notice that their "bugs" were going to come afloat
• CEO being caught lying about it
• paid "journalists" and a surreal smear campaign against the main adversary
• "rewarding" shops for kicking out the adversary (past, lost in courts and it doesn't seem to have changed much)

• ...

Re:RL Support Timelines

[mckwant]

I hear you, but there are valid reasons for driving a '55 Chevy. I'm a 2000 Civic guy myself, but old cars are pretty, and if mechanic-ing is your thing, Godspeed.

Less confident that's the case here, though. I haven't tracked Intel names for a while now, but got bored/curious, data Wikipedia except for one:

Bloomfield / Bloomfield Xeon: 4c/8t, running 2.4-3.3GHz, produced '08-'11.
Clarksfield: Mobile Quad i7, 1.6-2.0GHz base, 3.2 turbo. 45W TDP, produced '08-11.
Gulftown: 6 cores running 3.2-3.4GHz, production started in '11
Harpertown: Quad core, 2-3.4GHz, produced '07-present
Jasper Forest: Quad core, 1.7-2.4GHz, produced '10-present
Penryn: Mobile C2D, 2-4 cores, 1.2-3GHz, produced '07-'11
SoFIA 3GR: (Intel page) 2W TDP, 1.1GHz Atoms, and that's enough about that
Wolfdale: 2 cores, 2.5-3.5GHz, produced '07-'11
Yorkfield: Quad core, 2.3-3.2GHz, produced '07-'11

What in there is worth the time to refurbish? Bloomfield/Gulftown, we'll talk, maybe, but it would literally have to drop into my lap, come in a fully functioning box, and I'd have to invent a task for it. Even then, finding memory/cards/etc. would be problematic, and you're definitely stuck on USB 2.0. At best. No, I'm not doing the research.

I can see why folks are getting their shorts in a bind, but let's pump the brakes a little bit, anyway. I dunno. Probably just another "Yeah, you're officially old now" moment.

Re:Apple can't move to ARM fast enough

[Rockoon]

Apple still cant afford to buy Intel, but that wont be a problem soon. I've been saying that Intel is in very serious trouble since their first round of layoffs and their new "cloud focus" marking. That hasnt changed.

These bugs are bad for Intel, but their real problem is much much deeper. They've lost their process edge and are now falling behind. They wasted several years trying to get 10nm 3D tri-gates working because 14nm 3D tri-gates was what gave them their huge lead. Dont know how much money they directly burned chasing their dead end design, but the real cost is the time. They were over a generation ahead. Now they are a walking into being a generation behind and no indication that they figured out 10nm yet.