Intel Deploys Undisclosed Microcode Security Update For CPUs Going Back To Coffee Lake

As spotted by Linux publication Phoronix, Intel released CPU microcode updates for processors all the way back to Coffee Lake on Friday afternoon. Unfortunately, the changelog doesn't delve into details other than that the new microcode fixes an undisclosed security issue.

The security issue didn't make the list on Patch Tuesday, a colloquial term referring to companies that released patches on the second Tuesday of each month. Furthermore, Phoronix noted that there hadn't been any mentions of a CPU microcode update or any new Intel Security Advisory for the month. 

Security Advisories are fixes for vulnerabilities that Intel has discovered affecting its products. Given the sudden CPU microcode release, it's safe to assume that the security vulnerability is likely a new one that Intel hasn't publicly communicated yet. However, it's not unheard of for chipmakers to roll out security updates or microcode before the issue comes to light.

Motherboard vendors typically include new microcode in their firmware updates. However, unless it's a pressing issue, sometimes it takes a bit when manufacturers release new firmware. Occasionally, it's faster for chipmakers to push the microcode update through a Windows update. However, this medium type has disadvantages since it doesn't alter the hardware or the firmware. Instead, the operating system must load the microcode during each restart.

TOPICS
Zhiye Liu
News Editor and Memory Reviewer

Zhiye Liu is a news editor and memory reviewer at Tom’s Hardware. Although he loves everything that’s hardware, he has a soft spot for CPUs, GPUs, and RAM.

  • Elusive Ruse
    Goddammit! You were not supposed to find out!
    Reply
  • Releasing the patches some time before disclosing the vulnerability has become a standard practice at this point, and it can give people some time to upgrade. It's actually not a bad idea to release patches before disclosing any specific vulnerability.
    Reply
  • Peter Cockerell
    However, this medium type has disadvantages since it doesn't alter the hardware or the firmware. Instead, the operating system must load the microcode during each restart.
    Not sure I get this. As far as I understand it, microcode updates are stored in volatile memory on the processor. This means they always have to be loaded at restart, no matter where they come from. The only thing that varies is how early in the boot process (or after boot) they're applied
    Reply
  • Matt_ogu812
    Elusive Ruse said:
    Goddammit! You were not supposed to find out!
    ‘Oh what a tangled web we weave/When first we practice to deceive,’
    Reply