It appears that Intel has made the commitment to not update older chips with Spectre vulnerabilities. The company updated its patching guidance for Spectre this week, though there isn’t any good news. While Intel previously claimed that it would patch all affected chips, today’s clarification says that some product lines will not receive updates.
Most of the affected chips are older and not widely used. These include: the Bloomfield line, Clarksfield, Gulftown, Harpertown, Jasper Forest, Penryn, SoFIA 3GR, the Wolfdale line, and the Yorkfield line.
The company provided three reasons for not doing this:
– Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)
– Limited Commercially Available System Software support
– Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.
If you think about it, this move does make sense because most companies have likely upgraded from some of these older systems, which date back as far as 1998. Though one of these chips, the SoFIA 3G, is from 2015, which isn’t considered very old.
Intel appears to have accepted the fact that it couldn’t figure out how to fix its entire product portfolio and is now recommending users upgrade their processors if they want protection from the vulnerabilities. The company has continued to struggle as well to patch Spectre.