So, I see some threads here in the forum about updating microcodes, and they quickly gather many posts from folks who are apparently more up to date on the benefits of updating such. I thought that perhaps the rest of us might benefit if those most knowledgeable would be able to enlighten us with some answers to basic questions!
So, here goes...
1. Microcodes define or change the instruction set of our Intel processors. Lately this has been occurring as a result of Intel updating microcode for their processors to mitigate the Meltdown and/or Spectre vulnerabilities. Specifically, Intel created some new instructions that define software regions where speculative execution is not performed - have I got that right?
2. On the Mac platform, microcode updates are delivered as part of a firmware update, which is itself usually delivered as part of a operating system install, or a security update. Have I got that right? What is the software tool for inspecting a package to see if it contains a microcode update?
3. Having updated microcode is useless unless the operating system supports using the new instructions supplied and/or changed by the microcode, right?
4. I'm guessing that Apple is probably only adding support for updated microcode in its latest version of MacOS, High Sierra (and presumably Mojave), right? Those of us running (currently supported) El Capitan and Sierra are probably not going to get any benefit from updated microcode, right?
5. Does updated microcode mainly add back in performance? That is, does it appear that systems running with older microcode, or systems still on El Capitan/Sierra will still be as secure as a system with latest microcode, but with a greater performance penalty? Or is it the case that if one wants to be as absolutely protected against Meltdown and Spectre as possible, one must run High Sierra and see that your microcode gets updated?
6. Intel originally issued a blanket statement that a great swath of their processor family would have updated microcode made available, but later they backed off and only issued updated microcode for a (still substantial) number of processors. In one particular example of interest to Mac Pro owners, the W3690 did not get a microcode update, while the similar dual processor version X5690 did. However, it appears from one Macrumors forum thread that the W3690 can be updated with microcode intended for another processor (presumably the X5690). Is this true, and reasonably safe?
7. If one has a processor that Intel has issued updated microcode for (like say an X5690 3.46GHz processor), are there recommended installation sequences or update sequences that are known to result in microcode getting updated to latest version without manual intervention like hex editors and dosdude1's tool? For instance, if one performs a completely clean install, is that sufficient? Is applying a combo update for the latest point release, is that sufficient?
Thanks for helping enlighten the community if you are able to answer some of these questions!
So, here goes...
1. Microcodes define or change the instruction set of our Intel processors. Lately this has been occurring as a result of Intel updating microcode for their processors to mitigate the Meltdown and/or Spectre vulnerabilities. Specifically, Intel created some new instructions that define software regions where speculative execution is not performed - have I got that right?
2. On the Mac platform, microcode updates are delivered as part of a firmware update, which is itself usually delivered as part of a operating system install, or a security update. Have I got that right? What is the software tool for inspecting a package to see if it contains a microcode update?
3. Having updated microcode is useless unless the operating system supports using the new instructions supplied and/or changed by the microcode, right?
4. I'm guessing that Apple is probably only adding support for updated microcode in its latest version of MacOS, High Sierra (and presumably Mojave), right? Those of us running (currently supported) El Capitan and Sierra are probably not going to get any benefit from updated microcode, right?
5. Does updated microcode mainly add back in performance? That is, does it appear that systems running with older microcode, or systems still on El Capitan/Sierra will still be as secure as a system with latest microcode, but with a greater performance penalty? Or is it the case that if one wants to be as absolutely protected against Meltdown and Spectre as possible, one must run High Sierra and see that your microcode gets updated?
6. Intel originally issued a blanket statement that a great swath of their processor family would have updated microcode made available, but later they backed off and only issued updated microcode for a (still substantial) number of processors. In one particular example of interest to Mac Pro owners, the W3690 did not get a microcode update, while the similar dual processor version X5690 did. However, it appears from one Macrumors forum thread that the W3690 can be updated with microcode intended for another processor (presumably the X5690). Is this true, and reasonably safe?
7. If one has a processor that Intel has issued updated microcode for (like say an X5690 3.46GHz processor), are there recommended installation sequences or update sequences that are known to result in microcode getting updated to latest version without manual intervention like hex editors and dosdude1's tool? For instance, if one performs a completely clean install, is that sufficient? Is applying a combo update for the latest point release, is that sufficient?
Thanks for helping enlighten the community if you are able to answer some of these questions!