You, as an individual, should be getting your microcode update via a BIOS update from your board manufacturer. It is also true that Intel releases microcode updates to the OS community for inclusion into OS (and distro) releases.
Well, this isn't particularly helpful since Asus does not support Linux and I am sure they won't release a update as they haven't done so since mid-2015.
“This microcode data file contains the latest microcode definitions for all Intel processors. Intel releases these updates periodically. These microcode data files correct processor behavior as documented in the respective processor specification guidelines.
While the regular approach to getting this microcode update is via a BIOS update, Intel realizes that this can be an administrative hassle. The Linux* operating system has a mechanism to update the microcode after booting. For example, this file will be used by the operating system mechanism if the file is placed in the /etc/firmware directory of the Linux system.“
The download should contain the updates for all CPUs and I should not have to rely on mainboard manufacturers to be able to get support for my Intel CPU.
Hi, I agree with you. I have computers that are not going to get a BIOS update any time soon if ever. I'd like to be able to download the microcode for my CPU direct from intel. I can't see why that doesn't happen.
First of all, Intel will be releasing microcode updates for every processor affected. They have committed publicly to doing so - and by the end of the month.
Secondly, any board manufacturer who refuses to release a BIOS update is not one that I would ever purchase anything from again. Security is an absolute requirement; anyone not prioritizing that is not someone that I will deal with. If a board can accommodate a processor that is affected, it better get a BIOS that provides the necessary microcode updates -- and this update better close the ME vulnerabilities as well.
Finally, while it is true that you can get microcode updates via various O/Ss, I absolutely insist that this be at the BIOS level. I want all security holes (and all errata) closed before any O/S starts to load. I do not consider any O/S to be fully secure if it is not until part way through the O/S load that the microcode gets updated.
What I am more concerned about is that Intel didn't release any microcode updates for my CPU directly ever as far as I can tell, but several updates exist.
There's at least revisions 0x33c, 0x343, 0x353 and 0x363.
I found those in various BIOS files from different manufacturers and from the U-Boot project (they probably got out of BIOS update files too).
I am used to poor support from mainboard manufacturers and if you don't buy anything server-grade, it's the same after a few months no matter what brand you choose.
Really annoying is that Intel advertises that the download contains updates for my CPU (it's explicitly listed!) but there is no update in any data file released in the last 2 years (probably not in any). The fact that you find the updates in BIOS updates mean that there have been updates and Intel kept those already from me as customer.
So this would mean I shouldn't buy from Intel anymore as well...