1

I have a Dell laptop with a Haswell CPU, and the recent Retbleed vulnerabilities made me think about how vulnerable it is in general. The whitepaper implies Haswell quite a lot, but it wasn't tested. I keep my microcode package up to date, but it seems there wasn't any upgrade in the past 2.5 years:

```
# dmesg|grep microcode
[    0.000000] microcode: microcode updated early to revision 0x26, date = 2019-11-12
[    0.492516] microcode: sig=0x40651, pf=0x40, revision=0x26
[    0.492584] microcode: Microcode Update Driver: v2.2.
```

I know Retbleed will be fixed in software, but I have some more general questions:

  • does Intel still provide microcode updates for these 4th gen CPUs for known vulnerabilities?
  • if not, what kind of known vulnerabilities are out there which were not fixed/mitigated?
schaman
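A way to check both things the question asks about on a running Linux system, as an added example that is not part of the original posts: it extracts the microcode revision from `dmesg`-style text and lists the kernel's own per-vulnerability status from `/sys/devices/system/cpu/vulnerabilities`. The function names are hypothetical; the sample line is the one from the question.

```shell
#!/bin/sh
# Added example, not from the original posts. Function names are hypothetical.

# Extract the running microcode revision from dmesg-style text on stdin.
# Matches the "sig=..., pf=..., revision=0x.." line logged by the microcode driver.
# On a live system: dmesg | microcode_rev
microcode_rev() {
    sed -n 's/.*microcode: sig=[^,]*, pf=[^,]*, revision=\(0x[0-9a-fA-F]*\).*/\1/p' |
        head -n 1
}

# Print "name: status" for each entry in a sysfs vulnerabilities directory.
# The directory is a parameter (default: the real sysfs path) so the
# function can also be run against a saved copy from another machine.
vuln_status() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    [ -d "$dir" ] || return 1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        printf '%s: %s\n' "$(basename "$f")" "$(cat "$f")"
    done
}

# Names of the entries whose status begins with "Vulnerable", i.e. the kernel
# reports no effective mitigation. A status such as
# "Vulnerable: Clear CPU buffers attempted, no microcode" is the case where
# the software mitigation depends on a microcode update that is not loaded.
unmitigated() {
    vuln_status "$1" | awk -F': ' '$2 ~ /^Vulnerable/ { print $1 }'
}

# Sample input: the sig/revision line quoted in the question.
SAMPLE_DMESG='[    0.492516] microcode: sig=0x40651, pf=0x40, revision=0x26'

echo "microcode revision: $(printf '%s\n' "$SAMPLE_DMESG" | microcode_rev)"
vuln_status || echo "no sysfs vulnerabilities directory on this system"
```

Entries reported as `Mitigation: ...` or `Not affected` are left out of the `unmitigated` list; only statuses that start with `Vulnerable` are returned.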

2 Answers

1
  • The Windows OS is not affected (already has working software mitigations).
  • Linux (upcoming kernel 5.19) and other UNIXes will fix this in software.

In any case, microcode updates are not required for its mitigation. This attack is extremely difficult to carry out, so you may sleep safe.

Artem S. Tashkinov
  • Retbleed wasn't really my question, just the trigger to the real questions in the two bullet points. I will make that clearer – schaman Jul 24 '22 at 23:00
  • **In any case firmware updates are not required for its mitigation**; *if not, what kind of known vulnerabilities are out there which were not fixed/mitigated* - none. Microcode updates were never required in the first place other than addressing ERRATAs. Such updates can potentially make the CPU run faster with software mitigations - that's it. – Artem S. Tashkinov Jul 25 '22 at 04:54
0

> does Intel still provide microcode updates for these 4th gen CPUs for known vulnerabilities?

I don't think so; even most of 6th gen is at EOL status, and you don't get microcode updates after EOL. But I don't think that is the main issue as far as security goes.

> if not, what kind of known vulnerabilities are out there which were not fixed/mitigated?

I believe 4th gen has an old version of TPM. TPM is what protects against bootkits and rootkits. If you were to install Windows 11, you wouldn't be able to get security updates.

schroeder
moo
  • I was under the impression that microcode updates continued for even very old processor generations. – forest Aug 12 '22 at 01:47