October 9, 2018 // 10:27 a.m.
Intel has confirmed that its latest processors, the Coffee Lake-S and Basin Falls parts announced at an event last night, do not come with in-hardware protection against all currently-known Meltdown and Spectre security vulnerabilities - though promises that they are protected through a combination of software and microcode patches.
The shadow cast by the Meltdown and Spectre vulnerabilities, announced back in January, has been long: From the performance impact of patches to crashes bad enough that Intel would recommend against their use, the company has had a tough year. In late January since-departed chief executive Brian Krzanich, who was criticised for having sold the maximum allowable amount of his shares in the company after it had been informed of the flaw but before the news was shared with the public, promised in-silicon fixes this year; by March those fixes had been downgraded to applying only to selected variants.
According to documentation released by Intel, only the Coffee Lake-S parts - known to consumers as Ninth Generation Intel Core Desktop Processors - come with in-silicon protection against Meltdown and Spectre vulnerabilities, and at that only partial: Each chip in the range includes protection against the Meltdown Variant 3 and the more recently-discovered L1 Terminal Fault, or Variant 5, flaws. For other variants, including Spectre Variant 2 and Meltdown Variant 3a, the chips rely entirely on the same software and microcode patches as previous generations.
For those looking into the impressively-powerful 28-core Skylake-X Xeon W-3175X or the new high-end desktop (HEDT) Basin Falls-based Intel Core X-Series, there's worse news to come: Neither include any in-silicon protections against Spectre, Meltdown, or related vulnerabilities, relying wholly on software and microcode patches.
Intel has not commented on its work on securing its processors from the vulnerabilities since August.