"Intel CPU microcode updates" plugin questions/concerns

[Diggy]

I have some questions about the "Intel CPU microcode updates" plugin.

First, I'd like to say that it would have been nice if the pre-install description stated that the package is no longer being maintained.  It was only mention post-installation.

Second, I would consider this package to be very important with respect to security, so why is it not being maintained?  Further, why isn't it included as part of the core installation?

Third, I am using an HP server with the "Intel Xeon CPU E5-2620 v4" CPU.  How can I determine if my system will benefit from the microcode?

[nero355]

First, I'd like to say that it would have been nice if the pre-install description stated that the package is no longer being maintained.  It was only mention post-installation.

Second, I would consider this package to be very important with respect to security, so why is it not being maintained?  Further, why isn't it included as part of the core installation?

franco explained this a while ago so if you really want to know then look through his posts : https://forum.opnsense.org/index.php?action=profile;area=showposts;u=10

TL;DR : The message you have seen does not tell the whole story and can safely be ignored when using OPNsense :)

[meyergru]

1 & 2: The message does not apply to the microcode updates, you are misreading the console output.
3: Use "dmesg | fgrep microcode" on the CLI to see if an update was applied.

[Diggy]

3: Use "dmesg | fgrep microcode" on the CLI to see if an update was applied.

Apparently no microcode updates applied.  Output from that command:
[1] CPU microcode: no matching update found