As part of today’s Intel’s Fall Desktop Launch event, new 9th generation CPUs were announced that include hardware protection for two of the Spectre and Meltdown vulnerability variants. This information was slipped into the fine print of a slide announcing the release of Intel’s new 9th Gen CPUs as can be seen below.
Spectre and Meltdown protections in 9th Gen CPUs.
The fine print listed in the slide above states:
The new desktop processors include protections for the security vulnerabilities commonly referred to as “Spectre”, “Meltdown” and “L1TF”. These protections include a combination of the hardware design changes we announced earlier this year as well as software and microcode updates.
* Speculative side channel variant Spectre V2 (Branch Target Injection) = Microcode + Software
* Speculative side channel variant Meltdown V3 (Rogue Data Cache Load) = Hardware
* Speculative side channel variant Meltdown V3a (Rogue System Register Read) = Microcode
* Speculative side channel variant V4 (Speculative Store Bypass) = Microcode + Software
* Speculative side channel variant L1 Terminal Fault = Hardware
In March 2018, Intel announced that they would be adding hardware protection to forthcoming CPUs that would protect users against some of the variants through partitioning.
“While Variant 1 will continue to be addressed via software mitigations, we are making changes to our hardware design to further address the other two,” former Intel CEO Brian Krzanich stated in a press release. “We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3. Think of this partitioning as additional “protective walls” between applications and user privilege levels to create an obstacle for bad actors.”
With the release of the 9th gen CPUs, hardware protection for the L1 Terminal Fault and Meltdown V3 vulnerabilities has been added, but the other vulnerabilities still require software and microcode protection.
For those looking for more information regarding the Spectre & Meltdown vulnerabilities, you can read out prior coverage:
Google: Almost All CPUs Since 1995 Vulnerable To “Meltdown” And “Spectre” Flaws
Microsoft: Performance Dip on Old Windows Versions Due Meltdown & Spectre Fixes
Intel Announces CPU Hardware Protections to Prevent Future Spectre-Like Flaws
Researchers Disclose New Foreshadow (L1TF) Vulnerabilities Affecting Intel CPUs
Previous software and microcode protections would cause a performance hit on older CPUs. With the release of these new CPUs, they are powerful enough that any performance hit caused by these protections should not be noticeable.
It has not been detailed what specific hardware changes were made add protection. BleepingComputer has contacted Intel for more information, but had not heard back at the time of this publication.
This is a developing story…