Intel released Microcode for CPU Linux to fix Meltdown and Specter
This article is in the series: Overview of vulnerabilities on Intel, AMD, ARM chips: Meltdown and Specter. Please read all the articles in the series to get information as well as take steps to protect your device against these two serious security holes.
On January 8, Intel released micro-data files for Linux processors to mitigate the effects of Meltdown and Specter vulnerabilities on their CPUs. By microcode files, the operating system can fix errors without performing BIOS updates on the computer.
- Why Intel killed the BIOS, switched to UEFI?
- How to enter BIOS (UEFI) on Windows 10
According to Intel, this release is available for 40 Linux versions and 2371 Intel processors, from the latest to the Pentium Processor 150 Mhz since 1995.
This release of microcode files only fixes errors on certain processors. Below is a list of updated microprocessors, the first column is the processor type, the second is the release note, and the last is the number of new releases.
Processor tables and updates
Windows users can also use these micro-updates but need to be tested by Microsoft first and released later. The final microcode update was released in 2015. It is not known whether Microsoft intends to release the update.
Application of microcode data files to Linux
On Linux, using these files is quite easy because Linux distributions are available as updates. To install, the best way is to use the Package Manager package management tool in the Linux distribution.
For Debian and Ubuntu, APT is recommended to install. Package Manager also installs dependencies if demand, such as incode-tool, for example. Redhat and Centos need to use Yum and find microcodt_ctl.
If you cannot update via Package Manager, you can install it manually. On modern Linux distributions it is often necessary to copy the downloaded intel-ucode directory, then to / lib / firmware, then run echo 1> / sys / devices / system / cpu / microcode / reload. You can see the example of updating Ubuntu manually here. https://www.bleepingcomputer.com/forums/t/667654/latest-ubuntu-meltdownspectre-updates-break-my-pc/?p=4420456
Ubuntu uses microcode microcode
This is Intel's instructions for installing microcode
- Instructions for updating microcode -
This package contains microcode files in 2 formats:
* microcode.dat
* intel-ucode directory
microcode.dat is a text file that is still used on some Linux distributions. The system can be updated via the update interface on the kernel
CONFIG_MICROCODE_OLD_INTERFACE = y.
To update microcode.dat for the system, need:
1. Be sure to have / dev / cpu / microcode
2. Write microcode.dat on the file, for example
dd if = microcode.dat of = / dev / cpu / microcode bs = 1M
The intel-ucode folder contains micro-binary files named after the template
family-model-stepping. The file is supported on most Linux kernels, usually in the / lib / firmware directory and can be updated via the microcode reload interface.
To update the intel-ucode package needed:
1. Be sure to have / sys / devices / system / cpu / microcode / reload
2. Copy the intel-ucode directory to / lib / firmware, overwrite the internal files
/ lib / firmware / intel-ucode /
3. Write on the reload interface of 1 to reload the microcode file, for example
echo 1> / sys / devices / system / cpu / microcode / reload
See more:
- AMD released a firmware update for Specter to fix the vulnerability on the CPU
- How slow is Meltdown and Specter, which is Microsoft's explanation
- There is an iOS and Mac update that fixes the Specter vulnerability
You should read it
- How to update Kali Linux and fix errors when updating
- How to prevent and handle when Windows Update deletes Linux
- Immediately patch CWP vulnerability that allows code execution as root on Linux servers
- How to set up or disable Linux Mint update notifications
- 14 interesting Linux commands in Terminal
- What's new in Linux Kernel 5.18?
- Linux Kernel 5.16 officially released with great features for gamers
- Update Linux kernel on Ubuntu via UKUU
May be interested
- Intel's chip has eight new serious vulnerabilitiesseveral weeks ago, google project zero security experts discovered eight new vulnerabilities in intel's chip design, which could directly lead to specter and meltdown, two vulnerabilities that negatively impacted performance. whole computer system.
- Origin of the name and logo of Meltdown and Specter - Melting and Ghoststhis article will only answer one question: why are they named so?
- Overview of vulnerabilities on Intel, AMD, ARM chips: Meltdown and Spectertwo newly discovered major computer chip security bugs, called meltdown and specter, affect most of the devices manufactured in the last 20 years. the level of influence of these two security bugs on devices is still being calculated, but it can lead to the server on the cloud computing platform being compromised, leading to bad effects. than.
- Intel will stop releasing patches for the Specter v2 security hole on some older CPUsrecently, intel has confirmed that it will stop updating the meltdown and specter security patches for certain products.
- New dangerous vulnerability in Intel CPU: Works like Specter and Meltdown, threatening all PCs and the cloudan extremely serious new class of intel chip vulnerabilities has been discovered by security researchers at graz university of technology, if successful exploitation of the bad guys can take advantage of it to steal sensitive information online. next from the processor.
- PC with Skylake and Kaby Lake CPUs failed to restart automatically after installing Meltdown & Specter patchnavin shenoy, intel's vice president, confirmed that pc systems using skylake and kaby lake high-end cpus after being patched with two serious security holes, meltdown and specter, also suffered from self-initiated errors. move again.
- Microsoft released an update for Surface, protecting it from Meltdown and Spectermicrosoft has released a number of updates to protect the surface tablet against two serious security holes on the cpu.
- Microsoft released an emergency patch for Windows, turned off the Specter patch, causing a drop in system performancemicrosoft's newly released emergency update for windows has removed the patch for two serious vulnerabilities specter and meltdown released since the beginning of the month.
- How to know if your Windows computer is affected by Meltdown and Specter?how to know if your windows computer is affected by meltdown and specter? let tipsmake.com learn more about the extent of the impact of the vulnerabilities and whether they affect your computer or not in this article!
- The new Specter vulnerability appears to be a new variant that easily 'crashes' secure partitions created by Intel SGXresearchers from the ohio state university have discovered a new dangerous variant of the specter vulnerability called sgxpectre with the ability to exploit information from safe partitions created by intel sgx.