A microcode update is a binary blob loaded to CPU on boot.
Modern Intel CPUs itself are sort of a runtime environment that has its language and program RAM. By placing said blob onto BIOS(UEFI firmware) ROM, CPU can find it, fetch it and load onto internal mini-RAM during power-up.
The structure of BIOS/firmware ROM differs among board manufacturers and it cannot reliably be altered from Windows by Microsoft(its all the same in actuality though). Thus the microcode update blob must be integrated into and installed by manufacturer or as per their instructions.
Personally I don’t care. I only care about speed. I want the latest AGESA, but I opt Meltdown patches be left off.
The OS can update the Intel microcode at runtime just fine as well, and e.g. Linux and Windows offer such updates (like the one described by this very article). So BIOS/UEFI update/involvement is not needed.
That asssrtion isn’t correct. Microcode updates are not installed permanently automatically; users need to patch their bios/firmware for that. But the OS can (and does) dynamically apply microcode updates at boot, every boot.
Quite literally the next line in the exact same paragraph with links and instructions.
> Links to the Intel Microcode update for the supported versions of Windows can be found below:
And then right after the links, suggestions on what you should do ( I guess it's not specific to software developers, but I somehow doubt it matters that much unless you are in HPC)
> While we highly recommend that users install new Microcode updates, it should be noted that previous updates have caused performance issues on older CPUs or system hangs in the past due to how they mitigated vulnerabilities.
I don't think that is what he means. I am guessing he means very few people will ever even know about this. So why should the people who randomly come across this information do anything about it?
What does this mean? That only those who know that they need them should apply them? What should I do (as a software developer) with my machine?