January 22, 2018
【外部リンク】
https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/
We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. For the full list of platforms, see the Intel.com Security Center site.
【外部リンク】
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
Intel ID: INTEL-SA-00088
Product family: Systems with Speculative Execution
Impact of vulnerability: Information Disclosure
Severity rating: Important
Original release: Jan 03, 2018
Last revised: Jan 22, 2018
Affected products:
For non-Intel based systems please contact your system manufacturer or microprocessor vendor (AMD, ARM, Qualcomm, etc.) for updates.
The following Intel-based platforms are impacted by this issue. Intel may modify this list at a later time. Please check with your system vendor or equipment manufacturer for more information regarding updates for your system.
Intel® Core™ i3 processor (45nm and 32nm)
Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
Intel® Atom™ Processor C Series
Intel® Atom™ Processor E Series
Intel® Atom™ Processor A Series
Intel® Atom™ Processor x3 Series
Intel® Atom™ Processor Z Series
Intel® Celeron® Processor J Series
Intel® Celeron® Processor N Series
Intel® Pentium® Processor J Series
Intel® Pentium® Processor N Series
【外部リンク】
https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/microcode-update-guidance.pdf
microcode revision guidance
January 23 2018
Microcode revision list –client
2
For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the
option to utilize a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This
would be delivered via a BIOS update, and would not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).
Product Names Public Name CPUID
STOP
deployment of
these MCU
versions
Continue
use of these MCU
versions Comments
Coffee Lake-S + KBL PCH 8th Generation Intel® Core™ Desktop Processor Family 906EB 80 0x72
Kaby Lake Refresh U4+2 8th Generation Intel® Core™ Mobile Processor Family 806EA 80 0x70
Kaby Lake U/Y, U23e 7th Generation Intel® Core™ Mobile Processors 806E9 80 0x70
Kaby Lake H/S/X/G, 7th Generation Intel® Core™ Processor Family 906E9 80 0x70
Skylake X Intel® Core™ i9 79xxX, 78xxX 50654 0200003A 0200002E
Skylake U/Y/U23e 6th Generation Intel® Core™ m Processors 406E3 000000C2 0xBE
Skylake H/S 6th Generation Intel® Core™ Processor Family 506E3 000000C2 0xBE
Broadwell U/Y 5th Generation Intel® Core™ Processor Family, Intel®
Pentium® Mobile Processor Family, and Intel® Celeron®
Mobile Processor Family
306D4 28 0x25
Broadwell H 5th Generation Intel® Core™ Mobile Processor Family 40671 0000001B 0x17
Haswell ULT 4th Generation Intel® Core™ Mobile Processor Family,
Intel® Pentium® Mobile Processor Family, and Intel®
Celeron® Mobile Processor Family
40651 21 0x20
Haswell Perf Intel® Core™ Extreme Processor (5960x, 5930x, 5820x) 40661 18 0x17
Haswell 4th Generation Intel® Core™ Mobile Processor Family,
Intel® Pentium® Mobile Processor Family, and Intel®
Celeron® Mobile Processor Family
306C3 23 0x22
Ivy Bridge 3rd Generation Intel® Core™ Mobile Processor Family, Intel®
Pentium® Mobile Processor Family, and Intel® Celeron® Mobile
Processor Family
306A9 N/A 0x1C Intel did not post a variant #2
mitigation MCU for this product
Sandy Bridge Intel® Core™ i3-21xx/23xx-T/M/E/UE Processor, Intel® Core™
i5-23xx/24xx/25xx-T/S/M/K Processor
Intel® Core™ i7-2xxx-S/K/M/QM/LE/UE/QE Processor
Intel® Core™ i7-29xxXM Extreme Processor
Intel® Celeron® Desktop G4xx, G5xx Processor
Intel® Celeron® Mobile 8xx, B8xx Processor
Intel® Pentium® Desktop 350, G6xx, G6xxT, G8xx Processor
Intel® Pentium® Mobile 9xx, B9xx Processor
206A7 N/A 0x29 Intel did not post a variant #2
mitigation MCU for this product
Microcode revision list –datacenter/ workstation
3
For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the
option to utilize a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This
would be delivered via a BIOS update, and would not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).
Product Names Public Name CPUID STOP deployment of these
MCU versions
Continue
use of these MCU versions Comments
Sandy Bridge Intel® Xeon® Processor E3-1200 Product Family 206A7 N/A 0x29 Intel did not post a variant #2 mitigation MCU for this product
Sandy Bridge E, EN, EP, EP4S Intel® Xeon® Processor E5 Product Family
Intel® Pentium® Processor 1405
206D7 N/A 0x710 Intel did not post a variant #2 mitigation MCU for this product
Sandy Bridge E, EN, EP, EP4S Intel® Xeon® Processor E5 Product Family
Intel® Pentium® Processor 1405
206D6 N/A 0x619 Intel did not post a variant #2 mitigation MCU for this product
Ivy Bridge Intel® Xeon® Processor E3-1200 v2 Product Family 306A9 N/A 0x1C Intel did not post a variant #2 mitigation MCU for this product
Ivy Bridge EN, EP Intel® Xeon® Processor E5v2 Product Family 306E4 0x42a 0x428
Ivy Bridge EX Intel® Xeon® Processor E7v2 Product Family 306E7 N/A 0x70D Intel did not post a variant #2 mitigation MCU for this product
Haswell EP, EN Intel® Xeon® Processor E5v3 Product Family 306F2 0x3b 0x3a
Haswell EX Intel® Xeon® Processor E7v3 Product Family 306F4 0x10 0x9 (M), 0xF (L)
Haswell Intel® Xeon® Processor E3-1200 v3 Product Family 306C3 23 0x22
Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50662 0x14 0xF
Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50663 0x7000011 0x700000D
Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50664 N/A 0x700000A Intel did not post a variant #2 mitigation MCU for this product
Broadwell NS Intel® Xeon® Processor D-1500 NS Product Family 50665 N/A N/A Intel did not post a variant #2 mitigation MCU for this product
Broadwell Intel® Xeon® Processor E3v4 Product Family 40671 0000001B 0x17
Broadwell E, EP, EP4S, EX Intel® Xeon® Processor E5v4 Product Family
Intel® Xeon® Processor E7v4 Product Family
406F1 0x25, 0x23 0x22
Kaby Lake (Xeon E3) 7th Generation Intel® Core™ Processor Family 906E9 0x80 0x5e
Skylake (Xeon E3) Intel Xeon Processor E3-1200 v5 Product Family 506E3 000000C2 0xBE
Skylake SP
Basin Falls
Intel® Xeon® Scalable Processor Family
Intel® Xeon® Processor W Product Family
50654 0x3a, 0x3c 0x39
【外部リンク】
https://newsroom.intel.com/press-kits/security-exploits-intel-products/
The Newest:
Jan. 22, 2018: Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
By Date:
Jan. 3, 2018: Intel Responds to Security Research Findings
Jan. 4, 2018: Intel Issues Updates to Protect Systems from Security Exploits
Jan. 4, 2018: Industry Testing Shows Recently Released Security Updates Not Impacting Performance in Real-World Deployments
Jan. 8, 2018: Intel CEO Addresses Security Research Findings during 2018 CES Keynote Address
Jan. 9, 2018: Intel Offers Security Issue Update
Jan. 10, 2018: Intel Security Issue Update: Initial Performance Data Results for Client Systems
Jan. 11, 2018: Intel’s Security-First Pledge
Jan. 11, 2018: Intel Security Issue Update: Addressing Reboot Issues
Jan. 17, 2018: Firmware Updates and Initial Performance Data for Data Center System
【外部リンク】
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
News & Performance Data Results
Jan. 22, 2018: Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
Jan. 17, 2018: Firmware Updates and Initial Performance Data for Data Center Systems (Includes performance data results)
Jan. 11, 2018: Intel Security Issue Update: Addressing Reboot Issues
Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
【外部リンク】
https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/
We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. For the full list of platforms, see the Intel.com Security Center site.
【外部リンク】
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
Intel ID: INTEL-SA-00088
Product family: Systems with Speculative Execution
Impact of vulnerability: Information Disclosure
Severity rating: Important
Original release: Jan 03, 2018
Last revised: Jan 22, 2018
Affected products:
For non-Intel based systems please contact your system manufacturer or microprocessor vendor (AMD, ARM, Qualcomm, etc.) for updates.
The following Intel-based platforms are impacted by this issue. Intel may modify this list at a later time. Please check with your system vendor or equipment manufacturer for more information regarding updates for your system.
Intel® Core™ i3 processor (45nm and 32nm)
Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
Intel® Atom™ Processor C Series
Intel® Atom™ Processor E Series
Intel® Atom™ Processor A Series
Intel® Atom™ Processor x3 Series
Intel® Atom™ Processor Z Series
Intel® Celeron® Processor J Series
Intel® Celeron® Processor N Series
Intel® Pentium® Processor J Series
Intel® Pentium® Processor N Series
【外部リンク】
https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/microcode-update-guidance.pdf
microcode revision guidance
January 23 2018
Microcode revision list –client
2
For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the
option to utilize a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This
would be delivered via a BIOS update, and would not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).
Product Names Public Name CPUID
STOP
deployment of
these MCU
versions
Continue
use of these MCU
versions Comments
Coffee Lake-S + KBL PCH 8th Generation Intel® Core™ Desktop Processor Family 906EB 80 0x72
Kaby Lake Refresh U4+2 8th Generation Intel® Core™ Mobile Processor Family 806EA 80 0x70
Kaby Lake U/Y, U23e 7th Generation Intel® Core™ Mobile Processors 806E9 80 0x70
Kaby Lake H/S/X/G, 7th Generation Intel® Core™ Processor Family 906E9 80 0x70
Skylake X Intel® Core™ i9 79xxX, 78xxX 50654 0200003A 0200002E
Skylake U/Y/U23e 6th Generation Intel® Core™ m Processors 406E3 000000C2 0xBE
Skylake H/S 6th Generation Intel® Core™ Processor Family 506E3 000000C2 0xBE
Broadwell U/Y 5th Generation Intel® Core™ Processor Family, Intel®
Pentium® Mobile Processor Family, and Intel® Celeron®
Mobile Processor Family
306D4 28 0x25
Broadwell H 5th Generation Intel® Core™ Mobile Processor Family 40671 0000001B 0x17
Haswell ULT 4th Generation Intel® Core™ Mobile Processor Family,
Intel® Pentium® Mobile Processor Family, and Intel®
Celeron® Mobile Processor Family
40651 21 0x20
Haswell Perf Intel® Core™ Extreme Processor (5960x, 5930x, 5820x) 40661 18 0x17
Haswell 4th Generation Intel® Core™ Mobile Processor Family,
Intel® Pentium® Mobile Processor Family, and Intel®
Celeron® Mobile Processor Family
306C3 23 0x22
Ivy Bridge 3rd Generation Intel® Core™ Mobile Processor Family, Intel®
Pentium® Mobile Processor Family, and Intel® Celeron® Mobile
Processor Family
306A9 N/A 0x1C Intel did not post a variant #2
mitigation MCU for this product
Sandy Bridge Intel® Core™ i3-21xx/23xx-T/M/E/UE Processor, Intel® Core™
i5-23xx/24xx/25xx-T/S/M/K Processor
Intel® Core™ i7-2xxx-S/K/M/QM/LE/UE/QE Processor
Intel® Core™ i7-29xxXM Extreme Processor
Intel® Celeron® Desktop G4xx, G5xx Processor
Intel® Celeron® Mobile 8xx, B8xx Processor
Intel® Pentium® Desktop 350, G6xx, G6xxT, G8xx Processor
Intel® Pentium® Mobile 9xx, B9xx Processor
206A7 N/A 0x29 Intel did not post a variant #2
mitigation MCU for this product
Microcode revision list –datacenter/ workstation
3
For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the
option to utilize a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This
would be delivered via a BIOS update, and would not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).
Product Names Public Name CPUID STOP deployment of these
MCU versions
Continue
use of these MCU versions Comments
Sandy Bridge Intel® Xeon® Processor E3-1200 Product Family 206A7 N/A 0x29 Intel did not post a variant #2 mitigation MCU for this product
Sandy Bridge E, EN, EP, EP4S Intel® Xeon® Processor E5 Product Family
Intel® Pentium® Processor 1405
206D7 N/A 0x710 Intel did not post a variant #2 mitigation MCU for this product
Sandy Bridge E, EN, EP, EP4S Intel® Xeon® Processor E5 Product Family
Intel® Pentium® Processor 1405
206D6 N/A 0x619 Intel did not post a variant #2 mitigation MCU for this product
Ivy Bridge Intel® Xeon® Processor E3-1200 v2 Product Family 306A9 N/A 0x1C Intel did not post a variant #2 mitigation MCU for this product
Ivy Bridge EN, EP Intel® Xeon® Processor E5v2 Product Family 306E4 0x42a 0x428
Ivy Bridge EX Intel® Xeon® Processor E7v2 Product Family 306E7 N/A 0x70D Intel did not post a variant #2 mitigation MCU for this product
Haswell EP, EN Intel® Xeon® Processor E5v3 Product Family 306F2 0x3b 0x3a
Haswell EX Intel® Xeon® Processor E7v3 Product Family 306F4 0x10 0x9 (M), 0xF (L)
Haswell Intel® Xeon® Processor E3-1200 v3 Product Family 306C3 23 0x22
Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50662 0x14 0xF
Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50663 0x7000011 0x700000D
Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50664 N/A 0x700000A Intel did not post a variant #2 mitigation MCU for this product
Broadwell NS Intel® Xeon® Processor D-1500 NS Product Family 50665 N/A N/A Intel did not post a variant #2 mitigation MCU for this product
Broadwell Intel® Xeon® Processor E3v4 Product Family 40671 0000001B 0x17
Broadwell E, EP, EP4S, EX Intel® Xeon® Processor E5v4 Product Family
Intel® Xeon® Processor E7v4 Product Family
406F1 0x25, 0x23 0x22
Kaby Lake (Xeon E3) 7th Generation Intel® Core™ Processor Family 906E9 0x80 0x5e
Skylake (Xeon E3) Intel Xeon Processor E3-1200 v5 Product Family 506E3 000000C2 0xBE
Skylake SP
Basin Falls
Intel® Xeon® Scalable Processor Family
Intel® Xeon® Processor W Product Family
50654 0x3a, 0x3c 0x39
【外部リンク】
https://newsroom.intel.com/press-kits/security-exploits-intel-products/
The Newest:
Jan. 22, 2018: Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
By Date:
Jan. 3, 2018: Intel Responds to Security Research Findings
Jan. 4, 2018: Intel Issues Updates to Protect Systems from Security Exploits
Jan. 4, 2018: Industry Testing Shows Recently Released Security Updates Not Impacting Performance in Real-World Deployments
Jan. 8, 2018: Intel CEO Addresses Security Research Findings during 2018 CES Keynote Address
Jan. 9, 2018: Intel Offers Security Issue Update
Jan. 10, 2018: Intel Security Issue Update: Initial Performance Data Results for Client Systems
Jan. 11, 2018: Intel’s Security-First Pledge
Jan. 11, 2018: Intel Security Issue Update: Addressing Reboot Issues
Jan. 17, 2018: Firmware Updates and Initial Performance Data for Data Center System
【外部リンク】
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
News & Performance Data Results
Jan. 22, 2018: Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
Jan. 17, 2018: Firmware Updates and Initial Performance Data for Data Center Systems (Includes performance data results)
Jan. 11, 2018: Intel Security Issue Update: Addressing Reboot Issues
