Buzz
Last week, Intel pledged to release a microcode update to address the Meltdown and Spectre vulnerabilities. Finally, the update is now available for many processors released in the past 5 years. Users are advised to promptly update their microcode.
Additionally, Intel lists several Linux-based operating systems that are supported. These include Red Hat Enterprise Linux 7.4, 7.3, 7.2, 7.1, and 7.0, Red Hat Enterprise Linux 6.8, 6.7, 6.6, 6.5, 6.4, 6.3, and 6.2, SUSE Linux Enterprise Server 12, SP3, SP2, and SP1, SUSE Linux Enterprise Server 11, SP4, SP3, SP2, and SP1, SUSE Linux Enterprise Server (SLES) 12.2, CentOS 7.4, 7.3, 7.2, 7.1, and 7.0, Debian 8.x and 7.x, Fedora 24 and 23, as well as Ubuntu 16.04 LTS and 14.04 LTS.
Refer to how to check the generation of Intel processors here
The list of supported operating systems includes Red Hat Linux, SUSE Linux, Ubuntu, OpenDesktop, Google Chrome OS, and Chromium OS. This means any Linux-based distribution can be updated.
Learn how to perform Intel CPU microcode updates on Linux
Intel distributes repositories for Linux operating systems containing the microcode.dat file in a traditional text format still utilized by certain Linux distributions. This enables users to update Intel CPU microcode through the legacy microcode update interface present in the Linux kernel, and it can be activated with the option CONFIG_MICROCODE_OLD_INTERFACE=y.
To update microcode.dat on the system, first ensure that /dev/cpu/microcode exists. Then, write microcode.dat to the file using the command dd if=microcode.dat of=/dev/cpu/microcode bs=1M in the Terminal emulator. After completing the process, restart the device to apply the changes.
Linux is an open-source operating system, resulting in the release of numerous distributions. Explore the most popular Linux operating systems here
The microcode update repository also includes the intel-ucode directory, representing the second method for microcode installation, supported on most modern GNU/Linux distributions. To update microcode using this method, ensure /sys/devices/system/cpu/microcode/reload exists, copy the entire intel-ucode directory to /lib/firmware, overwrite files in /lib/firmware/intel-ucode/, trigger the reload interface to 1 to reload microcode files (e.g., echo 1>/sys/devices/system/cpu/microcode/reload), and restart the device. If unfamiliar with Firmware, refer to the article: Comparing BIOS and Firmware here
Before the security vulnerabilities Meltdown and Spectre, any processor manufacturer or operating system developer faced challenges, especially Microsoft. During this time, not only did Intel release a Microcode Patch for the Linux operating system, but also Windows developer, Microsoft issued nearly 160 security updates for products to address the vulnerabilities.
