From Ars Technica https://arstechnica.com/gadgets/202...ct-secret-key-used-to-encrypt-intel-cpu-code/ So honestly, it's still early days to figure out how big this flaw is. We had a demonstration of a delivery method for the exploit which should give all here pause. Basically on the system we saw this exploit demoed, an HP, they used Hp's firmware update mechanism to deliver the modified microcode. One bit of good news here is that it triggered Windows authentication mechanism, similar to what happens if you make significant hardware changes such as changing your video card and disk controller in a desktop. Now if the average user will know enough to get alarmed, is an open question So a few observations from the demo we saw. 1. Ironically AMD is likely spared this fault, due to differences in the way the authentication of keys requiring a chip on a supported motherboard. 2. So far they have only cracked one chipset, but the researchers feel that its likely at a minimum, a potential issue with succeeding generations of chips because Intel is so iterative with their chip generations. 3. Unlike the Spectre flaws, this exploit doesn't need physical access to the PC. They demonstrated it using HP's firmware update mechanism over the air which by default is turned on active. In the demo we saw, the only warning was a notification that "a new critical update was downloaded and installed , please restart your PC...." OTOH, it's also equally exploitable via Linux. 4. Given that intel still has not significantly addressed the Spectre flaws at hardware chip level, but instead mostly via microcode patches and also Windows based mitigations, this is yet another concern for IT folks with intel chips Not much we can do at this point other than watch what happens and continue to be vigilant with our own and customer systems.