1.. SPDX-License-Identifier: GPL-2.0 2 3============= 4Old Microcode 5============= 6 7The kernel keeps a table of released microcode. Systems that had 8microcode older than this at boot will say "Vulnerable". This means 9that the system was vulnerable to some known CPU issue. It could be 10security or functional, the kernel does not know or care. 11 12You should update the CPU microcode to mitigate any exposure. This is 13usually accomplished by updating the files in 14/lib/firmware/intel-ucode/ via normal distribution updates. Intel also 15distributes these files in a github repo: 16 17 https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files.git 18 19Just like all the other hardware vulnerabilities, exposure is 20determined at boot. Runtime microcode updates do not change the status 21of this vulnerability. 22