Guest Post: The Curious Case of the Intel Microcode Part #2 – It Gets Better — Then Worse


This guest post by Bjørn Anders Jørgensen, Senior Systems Consultant, Basefarm, first appeared on LinkedIn.

Before you start on this rather long post, have a go at part #1:

Section 1: The good

Last week I wrote about how Intel should improve their microcode update delivery mechanism and offer full disclosure on their microcode changes. Then this week events progressed in rapid succession:

- Intel released updated microcode bundle 20180108
- VMware released updated patches for vSphere, including microcode updates
- Then it was discovered that the updates cause stability issues
- Most computer vendors recalled BIOS updates for Haswell/Broadwell
- VMware recommended not to expose VMs to the new CPU feature flag
- I discovered that Xeon SP and Kaby Lake/Coffee Lake updates from most or all vendors are based on the pre-release Intel bundle 20171215!

First of all, I have to say I feel for all the engineers and product managers taken by surprise when the news of the Meltdown and Spectre vulnerabilities broke early. Apparently the embargo was supposed to be lifted on 9 January, and everyone was working towards this date. There must have been extreme pressure from peers and customers. Mistakes will be made, but could have been