Seems like Intel released an updated microcode data file just within the last hour or so (when I looked at the download page the last time, it still had the 20171117 version, now it is at 20180108): https://downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File
The download page also has a list of supported processors.
(Now I just have to look up how to feed that to iucode-tool...)
@galaxis Please do tell us your findings...
@ckeen There's a "releasenote" file in there with instructions, doesn't even need the iucode-tool
The package doesn't seem to contain anything new for the CPU in my notebook though (just newer than before):
microcode: CPU0 sig=0x20655, pf=0x10, revision=0x2
microcode: CPU0 updated to revision 0x4, date = 2013-06-28
@ckeen ...and, as it turns out, the update is not persistent... ☹️
@galaxis That's to be expected. These microcode updates work by shadowing older instructions via a memory overlay so they either have to be applied by the BIOS or the linux kernel upon every boot.
@ckeen Naive expectations and such... Didn't know about how that works up to now.
@mmu_man Yeah, but unfortunately the list seems just for the CPUs that have any microcode updates in that package at all - it doesn't tell which ones get the Spectre fixes.
@galaxis I think it's something like:
sudo tar -xf /<path>/microcode-20180108.tgz
sudo update-initramfs -u -k all