Hello, toffee. Thank you very much for sharing your issue with the Intel Communities Team. I will be more than glad to assist you.
In this case, the only information we have available about this issue is the one provided on the following link: https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
This site is constantly being updated so any release about this will be shared on it.
The Westmere EP family does not support OS loading of microcode updates. You will need to check for a BIOS update for your system or motherboard.
I wrote and tested my microcode update tool cpupdate using a workstation with Westmere EP processors, so I can confirm that the statement that Westmere EP does not support OS loading of microcode updates is utter nonsense, if not an outright lie.
My personal guess the reason why Intel refuses to release the memory sinkhole fix MCU to the public is this:
To have the microcode update fix the memory sinkhole bug fully, it appears necessary to turn off part or all of the Westmere's version of the IME backdoor.
And so I guess they hand out the microcode only to big players that are willing to sign NDAs, because imagine everybody would deactivate the IME backdoor... spy agencies and organized crime won't be happy.
Obviously problems with syncing the IME backdoor with the first wave of Meltdown/Spectre microcode updates (these released on January 8) were responsible for the reboot issues.
This seems a logical conclusion, as it is well-known that mistakes when tampering with the IME backdoor can cause reboots after 30 minutes.
Anyway, I have done a lot of analysing and researching, because almost 50% of the microcode updates listed in the "Microcode Revision Guidance" are missing in the April 25 microcode download.
Please read the document with my findings.
I would appreciate if Intel now would finally release the microcode updates to the public.
Otherwise I'd find appropriate that Intel explains why they refuse to release 45% of the production quality microcode updates to the public.
Because, the public deserves to know the reasons why Intel knowingly and apparently intentionally keeps their customers vulnerable to the Meltdown/Spectre exploits.
Hi Toffee and Snurg,
We've reviewed our internal documentation concerning Westmere EP's ability to support microcode loading by the OS and you are correct, Westmere EP does support OS loadable microcode. Thanks for pointing out the error.
We are also looking at the microcode download to make sure we are providing everything we can. I'll let you know when I have an update on that.
Thanks again for helping us uncover these issues in our documentation and the download.