Intel CPU Microcode Updated For Five New Security Issues
Intel just published new CPU microcode for Alder Lake, Emerald Rapids, Ice Lake, Raptor Lake, Sapphire Rapids, Sierra Forest, and other platforms going back to Coffee Lake H. There are five new security issues being addressed plus a number of different functional issues being resolved.
As of writing the Intel security notices aren't resolving on the linked pages, but the Intel CPU Microcode 20250211 release is confirmed to have security updates for five issues: INTEL-SA-01166, INTEL-SA-01213, INTEL-SA-01139, INTEL-SA-01228, and INTEL-SA-01194. Again, no details on those security issues with the security bulletins not currently loading...But it is this month's Patch Tuesday and presumably within the coming minutes or next hour (given their usual typical rough timing for announcements on Patch Tuesdays), that information should be made public.
The functional issues are for taking care of problems affecting Core Ultra CPUs, various Xeon processors, and other Intel Core processors going back to 8th and 9th Generation "Coffee Lake" CPUs. Today's CPU microcode updates are also the first time Intel is publishing new microcode for Sierra Forest SP "SRF-SP" / Xeon 6700 E series.
Those wanting the new Intel CPU microcode issued today can find the binaries up on GitHub. Now to wait for more information on the new security notices within the Intel Security Center.
UPDATE: The security bulletins are now published:
INTEL-SA-01166: Medium level denial of service with Intel IPU.
INTEL-SA-01213: Medium level denial of service with Intel SGX.
INTEL-SA-01139: High level escalation of privilege and denial of service with UEFI firmware.
INTEL-SA-01228: Medium level denial of service for 13th and 14th Gen Intel Core CPUs.
INTEL-SA-01194: Low level denial of service for the Intel Data Streaming Accelerator (DSA) with Xeon CPUs.
As of writing the Intel security notices aren't resolving on the linked pages, but the Intel CPU Microcode 20250211 release is confirmed to have security updates for five issues: INTEL-SA-01166, INTEL-SA-01213, INTEL-SA-01139, INTEL-SA-01228, and INTEL-SA-01194. Again, no details on those security issues with the security bulletins not currently loading...But it is this month's Patch Tuesday and presumably within the coming minutes or next hour (given their usual typical rough timing for announcements on Patch Tuesdays), that information should be made public.
The functional issues are for taking care of problems affecting Core Ultra CPUs, various Xeon processors, and other Intel Core processors going back to 8th and 9th Generation "Coffee Lake" CPUs. Today's CPU microcode updates are also the first time Intel is publishing new microcode for Sierra Forest SP "SRF-SP" / Xeon 6700 E series.
Those wanting the new Intel CPU microcode issued today can find the binaries up on GitHub. Now to wait for more information on the new security notices within the Intel Security Center.
UPDATE: The security bulletins are now published:
INTEL-SA-01166: Medium level denial of service with Intel IPU.
INTEL-SA-01213: Medium level denial of service with Intel SGX.
INTEL-SA-01139: High level escalation of privilege and denial of service with UEFI firmware.
INTEL-SA-01228: Medium level denial of service for 13th and 14th Gen Intel Core CPUs.
INTEL-SA-01194: Low level denial of service for the Intel Data Streaming Accelerator (DSA) with Xeon CPUs.