Intel CEO Krzanich: Hardware-Level Protection Against Spectre/Meltdown Coming In New Xeon 'Cascade Lake,' 8th-Gen Core Processors
Intel is bringing hardware-level protection against the Spectre and Meltdown exploits to new eighth-generation Core and Xeon processors coming out later this year.
Intel's Xeon Scalable processors (code-named Cascade Lake) and its eighth-generation Core Processors will ship with hardware-based protection in the second half of 2018, said CEO Brian Krzanich in a blog post Wednesday. The company has also released microcode updates to address vulnerabilities for all Intel products released in the last five years, Krzanich said.
[Related: Security Solution Providers Are Skeptical Of CTS Labs' Claims Involving AMD Processors]
Krzanich in January had pledged to release processors later this year aimed at eliminating the threat posed by the Spectre and Meltdown exploits. Wednesday's blog post provided new details of that plan.
Barrett Lamothe, federal sales team lead at MicroAge, a Tempe, Ariz.-based Intel partner, said he is confident that Intel will able to deliver on both security and performance with the new processors. That would be a welcome change from current Intel processors that have taken a performance hit with software patches addressing the Spectre and Meltdown vulnerabilities. However, Lamothe added, providing both greater security and performance could present another tradeoff, such as lower power efficiency.
In the wake of the Spectre and Meltdown vulnerabilities, Lamothe said "the paradigm has changed" for chip makers like Intel when it comes to addressing security weaknesses.
"Not only are they going to have be looking for software exploits. Now they're going to have to be specifically looking at architecture that they come forward with to make sure they aren't building in any kind of exploits that can be done on the hardware side as well," Lamothe said. "It was never something you would really think of [in the past]."
While hardware-level protection in the new Xeon and Core processors will guard against attacks from Spectre variant 2 and Meltdown variant 3, Krzanich said the company will continue to address Spectre variant 1 vulnerabilities with software patches.
The new processors will protect against Spectre and Meltdown weaknesses through a process called "partitioning," where "protective walls" are created between applications and user privilege levels to stop bad actors, Krzanich said. While Krzanich didn’t provide any details on whether or how this fix would impact the processor's performance, he said Intel's "goal is to offer not only the best performance, but also the best secure performance."