Spectre and Meltdown vulnerabilities made quite a splash earlier this year forcing makers of hardware and software to release updates in order to tackle them. There are several ways to fix the issues, including software, firmware, and hardware updates. Each generation of product is slowly implementing fixes, including some of the chips that Intel announced today.

At its Fall Desktop PC event earlier today, Intel, among other things, disclosed details concerning mitigations for Spectre and Meltdown vulnerabilities. Unlike Cascade Lake processors for servers and Whiskey Lake processors for notebooks, the new Intel Xeon W-3175X relies on software and firmware fixes for Spectre and Meltdown. By contrast, just like Cascade Lake and Whiskey Lake, the 9th Gen Core i7/i9 processors feature a number of hardware mitigations. Take a look at the state of things today in the table below.

Spectre and Meltdown on Intel
AnandTech SKX-R
CFL-R Cascade Lake Whiskey
Spectre Variant 1 Bounds Check Bypass OS/VMM OS/VMM OS/VMM OS/VMM OS/VMM
Spectre Variant 2 Branch Target Injection Firmware + OS Firmware + OS Hardware + OS Firmware + OS Firmware + OS
Meltdown Variant 3 Rogue Data Cache Load Firmware Hardware Hardware Hardware Firmware
Meltdown Variant 3a Rogue System Register Read Firmware Firmware Firmware Firmware Firmware
  Variant 4 Speculative Store Bypass Firmware + OS Firmware + OS Firmware + OS Firmware + OS Firmware + OS
  Variant 5 L1 Terminal Fault Firmware Hardware Hardware Hardware Firmware

As it currently stands, because the new Coffee Lake Refresh processors, the i9-9900K, the i7-9700K, and the i5-9600K, are built from new silicon designs, Intel was able to implement hardware fixes for variant 3 (rogue data cache load) and L1 terminal fault. These fixes are not in the Core-X Skylake-X Refresh processors as these are still the same silicon but with different binning and cache arrangements.

Related Reading

Comments Locked


View All Comments

  • schizoide - Tuesday, October 9, 2018 - link

    What I would fine most useful once the embargo is up, would be to compare the performance impact of the various Spectre and Meltdown mitigations in hardware versus software on CL-Refresh versus Coffee Lake. The software and firmware mitigations can all be disabled to do this.

    The performance impact is what I really care about. The impact of everything together mitigated in software/firmware is ~15-20%. If Intel strategically targeted the most impactful ones and dropped the perf impact to (say) 8%, that would be a really different conclusion than what I came up with looking at that list and guessing.
  • 29a - Tuesday, October 9, 2018 - link

    I would also like to see this.
  • WinterCharm - Tuesday, October 9, 2018 - link

    I'm really interested in this as well.
  • B3an - Tuesday, October 9, 2018 - link

    Also want to see this.
  • ballsystemlord - Thursday, October 11, 2018 - link

    Mee tooo(TM). I would also like to see the HW, vs. SW/FW, vs. unfixed, Spectre/Meltdown performance impact comparisons.
  • HStewart - Sunday, October 14, 2018 - link

    What I would like to see a switch to enable / disable the updates if and only if it slows performance down. I have yet seem a real case that Spectre/ Meltdown stuff lead to any real security holes. And does it actually effect clients or is it only servers. When I mean enable/disable I mean a switch in bios and actually prefer it control by the OS. In normal applications it may be possible not necessary - possible in drivers.
  • ry3dfx - Tuesday, October 9, 2018 - link

    What is a i9-9500K, did you mean i5-9600K and if not, does that have the hardware fix for meltdown variant 3. Additionally what does CFL-R mean? Coffee Lake Refresh? if so what is the F for? same question about SKX-R.
  • Ryan Smith - Tuesday, October 9, 2018 - link

    Yes on the i5-9600K.

    Yes on CFL-R being Coffee Lake Refresh.

    SKX-R: Skylake-X Refresh

    I'm not sure where you're seeing an F though?
  • boeush - Tuesday, October 9, 2018 - link

    He means CFL-R should really be CL-R; ditto SKX-R -> SLX-R. That is, if one follows the more standard/typical rules for acronym formation...
  • CoreLogicCom - Wednesday, October 10, 2018 - link

    Yes but with CL you are going to run into conflict with the upcoming Cannon Lake CPU’s and their eventual refreshes. Though some refer to Cannon Lake as CNL already. It’s getting weird for sure.

Log in

Don't have an account? Sign up now