For more information on microarchitectural data sampling (MDS) refer to the MDS disclosure and Intel Analysis of Microarchitectural Data Sampling.
CPUID.(EAX=7H,ECX=0):EDX[MD_CLEAR=10] enumerates support for additional functionality that will flush microarchitectural structures as listed below.
- On execution of the (existing) VERW instruction where its argument is a memory operand.
- On setting the L1D_FLUSH command (on processors that enumerate both CPUID.(EAX=7H,ECX=0):EDX[MD_CLEAR=10] and CPUID.(EAX=7H,ECX=0):EDX[L1D_FLUSH=28] bit in the IA32_FLUSH_CMD MSR).
- On execution of the RSM instruction.
- On entry to, or exit from an Intel® Software Guard Extensions (Intel® SGX) enclave.
The following MSR enumeration enables software to check if the processor is affected by MDS methods:
A value of 1 indicates that the processor is not affected by RDCL or L1TF. In addition, a value of 1 indicates that the processor is not affected by MFBDS.
- IA32_ARCH_CAPABILTIES[0]: RDCL_NO
- IA32_ARCH_CAPABILITIES[5]: MDS_NO
A value of 1 indicates that processor is not affected by MFBDS/MSBDS/MLPDS/MDSUM.
Note that MFBDS is mitigated if either the RDCL_NO or MDS_NO bit (or both) are set. Some existing processors may also enumerate either RDCL_NO or MDS_NO only after a microcode update is loaded.
Note Future processors set the MDS_NO bit in IA32_ARCH_CAPABILITIES to indicate they are not affected by microarchitectural data sampling. Such processors will continue to enumerate the MD_CLEAR bit in CPUID. As none of these data buffers are vulnerable to exposure on such parts, no data buffer overwriting is required or expected for such parts, despite the MD_CLEAR indication. Software should look to the MDS_NO bit to determine whether buffer overwriting mitigations are required.
Note Processors that are not explicitly listed in this table, like processors based on Itanium® microarchitecture, are not affected by MDS.
Note For Intel® SGX, the MD_CLEAR and MDS_NO bits are also indirectly reflected in the Intel SGX Remote Attestation data.
Note All processors affected by MSBDS, MFBDS, or MLPDS are also affected by MDSUM for the relevant buffers. For example, a processor that is only affected by MSBDS but is not affected by MFBDS or MLPDS would also be affected by MDSUM for store buffer entries only.
Intel expects the following products are potentially affected by microarchitectural data sampling issues. For affected steppings cross-check against the list of updated microcode versions.
Table 6. List of MDS-affected processors by Family/Model
| Family_Model | Step | Processor Families / Processor Number Series |
MFBDS | MSBDS | MLPDS |
|---|---|---|---|---|---|
| 06_2EH | All | Intel® Xeon® processor 7500, 6500 series (Nehalem-EX) | Yes | Yes | Yes |
| 06_1EH, 06_1FH |
All | Intel® Core™ i7 and i5 Processors (Nehalem, Nehalem-G) | Yes | Yes | Yes |
| 06_1AH | All | Intel Core i7 Processor, Intel Xeon processor 3400, 3500, 5500 series (Nehalem-EP) | Yes | Yes | Yes |
| 06_2FH | All | Intel Xeon Processor E7 Family (Westmere-EX) | Yes | Yes | Yes |
| 06_25H, 06_2CH |
All | Intel Xeon processors 3600, 5600 series, Intel Core i7, i5 and i3 Processors (Westmere, Westmere-EP) | Yes | Yes | Yes |
| 06_2DH | All | Intel Xeon processor E5 Family based on Intel microarchitecture code name Sandy Bridge, Intel Core i7-39xx Processor Extreme Edition | Yes | Yes | Yes |
| 06_2AH | All | Intel Xeon processor E3-1200 product family; 2nd Generation Intel Core i7, i5, i3 Processors 2xxx Series (Sandy Bridge) | Yes | Yes | Yes |
| 06_3EH | All | Intel Xeon processor E7-8800/4800/2800 v2 product families based on Ivy Bridge-E microarchitecture | Yes | Yes | Yes |
| 06_3EH | All | Intel Xeon processor E5-2600/1600 v2 product families and Intel Xeon processor E5-2400 v2 product family based on Ivy Bridge-E microarchitecture, Intel Core i7-49xx Processor Extreme Edition | Yes | Yes | Yes |
| 06_3AH | All | 3rd Generation Intel Core Processor and Intel Xeon processor E3-1200 v2 product family based on Ivy Bridge microarchitecture | Yes | Yes | Yes |
| 06_3FH | All | Intel Xeon processor E5-4600/2600/1600 v3 product families, Intel Xeon processor E7 v3 product families based on Haswell-E microarchitecture, Intel Core i7-59xx Processor Extreme Edition | Yes | Yes | Yes |
| 06_3CH, 06_45H, 06_46H |
All | 4th Generation Intel Core processor and Intel Xeon processor E3-1200 v3 product family based on Haswell microarchitecture | Yes | Yes | Yes |
| 06_56H | All | Intel Xeon processor D-1500 product family based on Broadwell microarchitecture | Yes | Yes | Yes |
| 06_4FH | All | Intel Xeon processor E5 v4 Family based on Broadwell microarchitecture, Intel Xeon processor E7 v4 Family, Intel Core i7-69xx Processor Extreme Edition | Yes | Yes | Yes |
| 06_47H | All | 5th generation Intel Core processors, Intel Xeon processor E3-1200 v4 product family based on Broadwell microarchitecture | Yes | Yes | Yes |
| 06_3DH | All | Intel Core M-5xxx Processor, 5th generation Intel Core processors based on Broadwell microarchitecture | Yes | Yes | Yes |
| 06_55H | <=4 | Intel Xeon Processor Scalable Family based on Skylake microarchitecture | Yes | Yes | Yes |
| 06_4EH, 06_5EH |
All | 6th generation Intel Core processors and Intel Xeon processor E3-1500m v5 product family and E3- 1200 v5 product family based on Skylake microarchitecture | Yes | Yes | Yes |
| 06_8EH, 06_9EH |
<B | 7th/8th generation Intel Core processors based on Kaby/Coffee Lake microarchitecture | Yes | Yes | Yes |
| 06_9E | 0xC | 8th/9th generation Intel Core processors and Intel® Pentium® processors based on Coffee Lake microarchitecture | No | Yes | Yes |
| 06_8E | 0xB | 8th Generation Intel Core i7 Processors, Intel Pentium Gold Processor Series, and Intel® Celeron® Processor 4000 Series based on Whiskey Lake (ULT) microarchitecture | No | Yes | Yes |
| 06_8E | 0xC | 8th Generation Intel Core i7 Processors, Intel Pentium Gold Processor Series, and Intel Celeron Processor 4000 Series based on Whiskey Lake (ULT refresh) microarchitecture | No | No | No |
| 06_9E | 0xD | 8th Generation Intel Core i7 Processors, Intel Pentium Gold Processor Series, and Intel Celeron Processor 4000 Series based on Whiskey Lake (Desktop) | No | No | No |
| 06_55H | 5 | 2nd Generation Intel Xeon Scalable Processors based on Cascade Lake microarchitecture | No | Yes | Yes |
| 06_55H | 6,7 | 2nd Generation Intel Xeon Scalable Processors based on Cascade Lake microarchitecture | No | No | No |
| 06_7EH | 5 | 10th Generation Intel Core Processor Family based on Ice Lake (U, Y) microarchitecture | No | Yes | No |
| 06_86H | All | Atom (Tremont) | No | No | No |
| 06_37H, 06_4AH, 06_4CH, 06_4DH, 06_5AH, 06_5DH, 06_6EH, 06_65H, 06_75H |
All | Atom (Silvermont, Airmont) | No | Yes | No |
| 06_1CH, 06_26H, 06_27H, 06_35H, 06_36H, 06_36H, 06_7AH |
All | Atom (Bonnell,Saltwell, Goldmont, GoldmontPlus) | No | No | No |
| 06_57H, 06_85H | All | Intel® Xeon Phi™ x200 and 72x5 Product Families based on Knights Mill and Knights Landing microarchitectures | No | Yes | No |
Software Security Guidance Home | Advisory Guidance | Technical Documentation | Best Practices | Resources