Originally Posted by Paddy OPlastic
What I don't understand is why Intel can't patch the processor microcode to mitigate the problem. Modern processors have an internal simple RISC architecture. They, in essence, run a program (the microcode) to emulate the x86 and x64 instruction set.
As I understand it (I'm in the tech industry, but not that corner) ... the underlying problem can't be fixed with microcode - it's down to how the various processor-cores on the chip share cache information during "speculative execution".
When the core is otherwise idle (waiting for RAM to return data etc), it takes an educated guess at what might be the next instruction / instructions required. If it guesses right, it wins - if not, it's no worse off, unwinds what it did, and goes on doing whatever it was going to do ...
The problem happens because the CPU cache is outside the core running the instructions - and doesn't always get cleared down properly (as it's shared) ... it's possible to read any information left around after the speculative execution.
This can be manipulated to show contents of memory that would otherwise be hidden / secured (as the CPU / Kernel have access to everything) - which could include encryption keys etc.
Edit: This flaw has existed on every CPU since the 1995 Pentium Pro / AMD K6 era processors (PII / PIII / P4) - the only Intel exception is the Itanium.