Security bug INTEL-SA-00086

Intel published recently a severe security vulnerability in their website. A lot of processor families are affected. Using their tool my laptop was identified as affected. Any idea how to mitigate such issues in Ubuntu?

Thanks in advance


Your primary answer to this will be found at the end of the Intel article itself:

Intel highly recommends checking with your system OEM for updated firmware. Links to system manufacturer pages concerning this issue can be found at http://www.intel.com/sa-00086-support

Basically, they are telling you that the manufacturer of your computer will need to provide updated firmware. If, like me, you cannot update the firmware in your machine, we can only hope that at some not distant point in time an updated intel_microcode package will be available for Linux.

It is worth noting that this is not strictly about Ubuntu or Linux in general: The problem is a firmware issue and related to the underlying machine rather than the OS. How quickly this becomes resolved will largely depend upon how seriously the manufacturer approaches this problem. As of the time that I write this, the Intel support page links to statements by Dell and Lenovo, and apparently Lenovo intends to issue an update by 2017/11/24.