Intel's Brian Krzanich has stated that processors immune to the Spectre and Meltdown speculative execution vulnerabilities will be released by the company before the end of the year - meaning that if you're planning an upgrade in the near future, you'd be well advised to wait.
Speaking during the company's latest quarterly earnings call, which saw the company's stock jump 4.5 percent from its recent dip, Krzanich told attendees that hardware fixes for the design flaws that lead to the wide-reaching Spectre and Meltdown vulnerabilities publicly announced earlier this year are in-hand. 'We've been working around the clock with our customers and partners to address the security vulnerability know as Spectre and Meltdown. While we made progress, I'm acutely aware that we have more to do,' Krzanich claimed. 'Security is a top priority for Intel, foundational to our products, and it's critical to the success of our data-centric strategy. Our near-term focus is on delivering high quality mitigations to protect our customers' infrastructure from these exploits. We're working to incorporate silicon-based changed to future products that will directly address the Spectre and Meltdown threats in hardware. And those products will begin appearing later this year.'
At the same time, the company's release to investors (PDF warning) comes with a lengthy warning on the topic. 'Security vulnerability issues may exist with respect to our processors and other products as well as the operating systems and workloads running on them. Mitigation techniques, including software and firmware updates, may not operate as intended or effectively resolve these vulnerabilities,' investors are told, in tacit admission of the troubles the company has had with its recently-withdrawn reboot-inducing microcode update. 'In addition, we may be required to rely on third parties, including hardware, software, and services vendors, as well as end users, to develop and deploy mitigation techniques, and the effectiveness of mitigation techniques may depend solely or in part on the actions of these third parties. Security vulnerabilities and/or mitigation techniques, including software and firmware updates, may result in adverse performance, reboots, system instability, data loss or corruption, unpredictable system behaviour, or the misappropriation of data by third parties. We have and may continue to face product claims, litigation, and adverse publicity and customer relations from security vulnerabilities and/or mitigation techniques, including as a result of side-channel exploits such as "Spectre" and "Meltdown," which could adversely impact our results of operations, customer relationships, and reputation. Separately, the publicity around recently disclosed security vulnerabilities may result in increased attempts by third parties to identify additional vulnerabilities, and future vulnerabilities and mitigation of those vulnerabilities may also adversely impact our results of operations, customer relationships, and reputation.'
'Security has always been a priority for us and these events reinforce our continuous mission to develop the world's most secured products,' Krzanich continued on the call. 'This will be an ongoing journey, but we're committed to the task and I'm confident we’re up to the challenge. To keep you informed, we've created a dedicated website and we're approaching this work with customer first urgency. I've assigned some of the very best minds at Intel to work through this and we're making progress.'
Thus far, Intel has not disclosed a firm launch date for Spectre- and Meltdown-immune silicon, nor which products families can expect it first - though it seems likely the company will concentrate on fixing the issue for its data centre customers first.
April 7 2020 | 14:00