Urgent security updates will be pushed out in between these quarterly batches. Some fixes may be emitted outside of this quarterly cadence if they are due to be released on a specific date in a coordinated disclosure with other organizations, and that date falls outside Intel's schedule.At the same time, Intel also dropped a dozen security alerts, including another Spectre-class CPU flaw that can be exploited through bound-check bypass store attacks. However, the good news is that the software mitigation for Spectre variant 1 offers protection for the new variant.
Motherboard manufacturers, computer makers, operating system developers, and other Intel partners, will privately get a long heads up before these quarterly updates are made public. For instance, today's patches were shared with manufacturers in March, allowing them to prepare to roll out fixes to customers.
Via: The Register