Many computer tech’s, or even savvy home users, have heard the term microcode before and it knew that it related to your CPU but don’t really don’t really know what it is. Microcode became more commonly known when several security holes were found on the physical silicon of Intel CPU’s in 2019.

Intel’s “JCC Erratum” fix that apply to all nearly all PC and server Intel CPUs manufactured from 2015 through 2019, became a global storm because their microcode “fix” disabled features which causing as much as a 30% loss of performance.

What is CPU Microcode?

When an operating system ask something of the CPU the operating system command is broken down into smaller components. Those smaller components are then fed into the CPU by a scheduler and executed. So the question here is, what is actually breaking down the commands from from windows or iOS? It turns out that there is a tiny operating system built built right onto your AMD or Intel CPU, and this is where it starts to get a little scary and a lot opaque.

intel microcode windows updates kb4589121

Today in 2023 we see microcode updates delivered through such run-of-the-mill processes as Windows Update (click the graphic on the right) but historically they were delivered only through BIOS updates.

Most notably they don’t tell you what it actually is. Take a look at THIS microcode description from Microsoft that just that’s just says you need to have it.

In simple terms microcode is firmware that runs directly on your CPU. It is not dependent on the operating system nor the BIOS. In more complex terms microcode is the operating system that is on your CPU.

Do CPU’s Have a Hidden Operating System?

cpu micrcode cpu install by animated robot

This is a complex question with two answers, because microcode is itself actually broken into two components. The first part of microcode is burned into the silicon and cannot be changed. You can think of this as the operating kernel or like a hypervisor

…there isnt some linux running there with a qemu program inside each chip. It is somewhere between hardwired where there is no software/microcode in the middle and a full blow emulation. The programmable bits may be like an fpga, programmable gates, or it may be software or programmable state machines, meaning not-programmable gates, just what runs on the gates is programmable.

Intel microcode? Old Timer

The second component of microcode is a very very stripped down Linux:

…processors are running a closed-source variation of the open-source MINIX 3. We don’t know exactly what version or how it’s been modified since we don’t have the source code. We do know that with it there:

  • Neither Linux nor any other operating system have final control of the x86 platform
  • Between the operating system and the hardware are at least 2 ½ OS kernels (MINIX and UEFI)
  • These are proprietary and (perhaps not surprisingly) exploit-friendly
  • And the exploits can persist, i.e. be written to FLASH, and you can’t fix that
MINIX: ​Intel’s hidden in-chip operating system

If you really want to get into the weeds watch this 30 minute technical presentation from the German public research university “Ruhr-Universität Bochum” starting at minute 7:

…Agnor Fog has done a lot of reverse engineering of modern x86 CPUs and mentions microcode frequently, in fact I think microcode is what gets pipelined and OOE instead of normal instructions, and normal things like using a memory address instead of a register for an operation generate extra u-ops. Agnor Fog manual here: 

Intel microcode? Joseph Garvin

What is So Dangerous About CPU Microcode?

Microcode is mysterious and we think intentionally so. From our research on the topic it is clear that chip manufacturers don’t want you to know much about it and many techs with inside knowledge believe this is because microcode could easily be hacked.

Security researchers say that the main problem with the current microcode architecture is that it uses proprietary Linux. That leads to “security through obscurity” which only works when you’re trying to stay safe from normal hackers who will go to the easiest targets.

Today we see state actors like China, North Korean, and Russia running agencies with hundreds of millions of dollars of funding and years to develop their hacks. and those are just our adversaries which does not include friendly governments like the United Kingdom and the it states and France and Germany who no doubt also support large hacking efforts you’re going to have more i’m sorry buddy No I’m not gonna think about it You just do it i’m gonna get him

Years ago you could avoid microcode including it’s possible security holes by using the AMD CPUs but times have changed and now Rizen processors include include the AMD Platform Security Process which is just branding for Microcode.

In summary both AMD and Intel use microcode to tweak their CPU’s to both adjust performance and fix security flaws and that just isn’t going to change in the near future.


Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *