Actually, your Ivy Bridge CPU had a new microcode revision with additional 
Spectre defenses released just this past Monday. While it's a long shot for 
your motherboard manufacturer to release a new FW update, it *is* likely to 
appear in an OS patch. CPU microcode can be and is loaded via multiple mechanisms, 
including during OS early boot. On Windows, your options are a bit more limited 
as you must wait for Microsoft to update their microcode patch.

Microsoft's microcode patch information, which is ONLY available for Windows 10 
1709 (or later?) can be found here: 
https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

It's something of a mess. As you may see, Ivy Bridge desktop CPUs are not 
listed explicitly, but I've heard reports of the patch taking effect on them 
anyway. Use a tool such as InSpectre or Get-SpeculationControlSettings in the 
PowerShell Gallery to verify your status post-update.


With regard to an upgrade...hard to say. On the desktop side, with Ryzen, AMD 
has finally released a product that is competitive. Broadly speaking (i.e., on 
overall average), it is not clearly superior despite higher core counts, but 
very competitive and hence a viable option to Intel's Coffee Lake SKUs. If 
you're interested in HEDT, that's a bit harder to answer...for highly threaded 
workloads, the Threadripper/X399 platform wins on both performance and price 
(despite the dumb name and attempt to usurp Intel's existing platform naming 
scheme), but if single-threaded performance is more important, Skylake-X/X299 
is still the better bet.

CPUs with integrated defenses to the various Spectre variants are expected near 
the end of the year. As it stands now, performance-wise, Intel's silicon is 
more negatively impacted via existing mitigations, but not enough to make a 
meaningful difference in *most* client workloads for current silicon. Older 
CPUs (such as your Ivy) that do not support INVPCID are especially hurt by 
Meltdown's mitigation. Fundamentally, I don't think either one is substantially 
more secure if your mitigations are current. While we've already seen some 
since the initial 3 CVEs were announced, it's widely expected that more 
vulnerabilities will be discovered in the coming months and years as this new 
and novel class of attack vector is researched.

Major items rumored to be coming soon-ish:
Intel desktop: Widely expected to have a new 8-core mainstream chip out 
sometime later this year.
Intel HEDT: Cascade Lake-X expected in Q4, up to 28C, though the series may 
span sockets. Maybe a 22C interim offering?
AMD Desktop: Zen+ 2000-series just released offering minor improvements, Zen 2 
expected next year.
AMD HEDT: Zen+ refresh of Threadripper expected soon, up to 32C.


My personal take: I'd buy Intel for intensive, lightly-threaded workloads, and 
AMD for intensive, heavily-threaded workloads. Anything not intensive isn't 
going to be different enough to matter, so go with whatever floats your boat 
and/or wallet.

Greg

-----Original Message-----
From: Hardware [mailto:[email protected]] On Behalf Of 
Brian Weeden
Sent: Thursday, July 5, 2018 9:45 PM
To: hwg <[email protected]>
Subject: [H] Should I rebuild my machine now or wait until the next gen of CPUs?

Currently running a Core i5-3750K with 32GB of RAM on my main machine, which I 
use for both work and gaming.

Been looking to replace it for several months now, but have held off in part 
because of all the vulnerabilities that keep turning up in modern CPUs 
(Meltdown, Spectre, and all their variants). The thing is, my existing CPU is 
old enough that it doesn't support any of the mitigations, so I'm actually less 
secure now than if I bought a new CPU that at least had mitigations against the 
vulns (even if the new CPUs that actually fix them are 6-12 months away).

So first question is, is the time right to go do this now?

Second question is, Intel or AMD? Is one better off than the other from a 
security standpoint that's worth taking into consideration?


---------
Brian

