14 DAY TRIAL // After it's been pulled from Ubuntu's repositories in late January at Intel's request due to serious hardware issues reported by numerous users, Inte's microcode update to mitigate the Spectre security vulnerability makes a comeback.
On January 22, 2018, Canonical replaced the Intel microcode firmware versioned 20180108 with the older 20170707 release at Intel's request, thus no longer protecting users' computers against the Spectre security vulnerability that could allow a local attacker to expose sensitive information from kernel memory.
"Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via side-channel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory (CVE-2017-5715)," reads the security advisory.
While users were left hanging for month, on February 22, 2018, Canonical released new kernel updates for all of its supported Ubuntu Linux releases to provide compiler-based Retpoline kernel mitigation for Spectre Variant 2 on both the amd64 and i386 hardware architectures.
Intel's microcode update for Spectre is now again available
As of March 29, 2018, Intel's microcode firmware containing mitigations for the Spectre security vulnerability on Intel CPUs is again available in Ubuntu's software repositories. According to the security advisory, this includes the right microcode updates that are required for the corresponding Ubuntu Linux kernel updates.
The new 20180312 version of Intel's microcode firmware can be installed on the Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series, as well as all of their derivatives, including Kubuntu, Xubuntu, Lubuntu, Ubuntu MATE, Ubuntu Budgie, and Ubuntu Kylin.
Both 64-bit and 32-bit Ubuntu installations are supported. Canonical urges users to update to the new Intel microcode release as soon as possible and reboot their computers to ensure the correct installation of all the necessary changes and keep their systems protected against Spectre attacks.