01-20-2018 03:43 AM - last edited on 01-22-2018 01:01 AM by goretsky
[Duplicate threads merged by Moderator. AG]
I am looking for the Vulnerability fix for INTEL-SA-00086 on Thinkpad x201. Could you please help me out?
01-21-2018 03:51 PM
I have a Lenovo Thinkpad X201 and after reading the page https://support.lenovo.com/pt/pt/solutions/len-18282 I do not find any reference to the X201 model.
This X201 model is vulnerable to Spectre security flaw and without an update from Lenovo, the laptop will be useless.
Is there anyone here from Lenovo staff/support? Does anyone knows if a Spectre fix for X201 will be released?
Note: The CPU on my X201 is a Intel i5 M520 @2.4Ghz
01-22-2018 12:58 AM
In Lenovo Security Advisory LEN-18282, "Reading Privileged Information with a Side Channel" the following information was added in Revision 13 (2018-01-17):
Added updates for ThinkPad (removed End of Support models - refer to your Lenovo Sales representative for further information), Desktop, ThinkSystem (MTMs added), System x-Lenovo (MTMs added), System x-IBM (product list expanded), Storage (Added LenovoEMC Px12-400r and LenovoEMC Px12-450r which were previously listed under Iomega), Networking, HPC Storage Solutions (modified column heading to make it clear what minimum fix versions are).
The contact information for Lenovo's sales department can be found here for the United States.
01-27-2018 03:34 AM
01-27-2018 03:52 AM - edited 01-27-2018 03:53 AM
I agree 100% with you. Having to contact the Lenovo support on my own country is useless. I can say that because I already done that and they even did not respond to my email (already send the email 2 weeks ago). Then I went to a official Lenovo shop and ask directly to them. They don't know anything about it and told me to check the Lenovo official website and if is not listed there there will be no update.
So I expect a direct response from @goretsky (LenovoSupport) about this. The one thing that keeps me buying Thinkpad laptops was always the excelent support and updates. I hope Lenovo don't drop the ball here.. and become like every other "trash" brand.
Thinkpad are professional machines build to last some years. My X201 with a i5 CPU is still a valid working product so I expect it not to become obsolete with this Spectre issue. Because if Lenovo does not release an update form X201 I can ensure you that I will sell all the 12 Thinkpad laptops that I have on my company and buy Dell instead.
Will keep waiting here for a response from Lenovo Support.
01-27-2018 04:08 AM
It is ridiculous what is happening. Because this is a massive problem originated by Intel (and others). Therefore, the manufacturers have to take responsibility. I understand that this is not a direct fault from Lenovo, therefore Lenovo should contact Intel and ask them to pay whatever is required. But this is certainly not our problem as customers. As customers we just want a firmware update to solve this problem.
If Lenovo doesn't solve this problem then I will def. start buying from other manufacturers and I will influence the purchasing departments to buy from different manufacturers (and believe that can cost some millions of pounds to Lenovo in UK). I am very upset with this vulnerability that exposes all the processors manufactured over the last 10 years. I am the Admin of a high-performance cluster and it taking a lot of time to update the firmware of all the machines that I am responsible for. So no, I am not happy with the previous Lenovo support answer.
Hopefully, it was just a bad understanding and we will soon have access to the BIOS firmware update.
01-27-2018 06:49 AM - edited 01-27-2018 03:05 PM
I'm not familiar with the X201, but I believe it is about eight years old now with a first generation Intel Core CPU, and is is listed on Lenovo's End of Life Portal at
In order for Lenovo to be able to do anything, Intel will have to be working on updated microcode.
I would suggest visiting Intel's Meltdown/Spectre portal at:
to determine what the status is of a microcode update for your CPU model.
01-27-2018 07:15 AM
I found this information in the Intel website and it is very clear.
"If the INTEL-SA-00086 Detection Tool reported your system being vulnerable, please check with your system manufacturer for updated firmware. Links to system manufacturer pages concerning this issue can be found at http://www.intel.com/sa-00086-support."
I have the latest version of the Intel Microcode (https://downloadcenter.intel.com/download/27337/Linux-Processor-Microcode-Data-File) running on that Lenovo X201 and I am still getting the warning.
So for what I understood, Lenovo is not going to release a BIOS update for the Lenovo X201. Is that the case?
02-01-2018 04:08 PM
Hi agree with @PedroMachado
A Lenovo support response is needed about this. Hey @goretsky or any other Lenovo representative, do you have any update about this?