@ariadne @jschwart @kate updating microcode is a big thing. it may
- introduce new vulnerabilities
- significantly slow down performance
- have inlaid backdoors for vendor
and not all vulnerabilities are exploitable in every particular case. sometimes the use case of CPU excludes the possible attacks and performance is more important than some fast and dirty fix.

of course, this all does not lift the fact that CPU must be designed and tested more carefully to avoid such BS we see more and more often nowadays. the problem is aggressive and idiotic management that forces engineers to throw semi-raw products to the market. nobody cares for quality and security. users pay for some cat in a bag that may have absolutely broken performance after a serie of skew firmware workarounds for CPU architecture errors.