Future processors from Intel will contain mitigations at the hardware level to protect against two of the three Spectre and Meltdown variants, starting with a new batch of 8th generation CPUs due out in the second half of this year, Intel CEO Brian Krzanich announced in a blog post today. Intel will continue to rely on software updates to mitigate the remaining variant.
Intel is also building hardware protections into its next-generation Xeon processors codenamed Cascade Lake. Along with the upcoming 8th generation CPUs, the redesigned silicon will "introduce new levels of protection through partitioning."
"Think of this partitioning as additional 'protective walls' between applications and user privilege levels to create an obstacle for bad actors," Krzanich said.
The presumed benefit of addressing these vulnerabilities at the hardware level is that there will be less of a performance impact. Krzanich alluded to that, saying the redesigned processors will "deliver the performance improvements people expect" from Intel, while also being more secure.
Ronak Singhal, a senior executive who oversees the development of the architecture for Intel's processors, reinforced this notion in a discussion with Fortune. According to Singhal, addressing things in hardware will virtually eliminate the performance impact that's been seen with software patches.
Intel hasn't gone into great technical detail about its hardware redesign, other than to say its updated processors will still benefit from speculative execution.
In addition to upcoming hardware fixes, Krzanich said Intel has now released microcode updates for every product it has launched in the past five years that is affected by the side-channel vulnerabilities.
Some of the updates have recently been made available to IT admins through Microsoft's Update Catalog. Microsoft is also planning to dole out microcode updates to the general public, initially for some Skylake devices running Windows 10.
For those running older generation processors, unfortunately, it might be time to think about upgrading. Just wait for the processors that have hardware protection to emerge—there's no sense in upgrading to a flawed platform at this point.