How to install/update Intel microcode firmware on Linux

I am a new Linux sysadmin. How do I install or update microcode firmware for Intel/AMD CPUs on Linux using the command line option?

A microcode is nothing but CPU firmware provided by Intel or AMD. The Linux kernel can update the CPU’s firmware without the BIOS update at boot time. Processor microcode is stored in RAM and kernel update the microcode during every boot. These microcode updates from Intel/AMD needed to fix bugs or apply errata to avoid CPU bugs. This page shows how to install AMD or Intel microcode update using package manager or processor microcode updates supplied by Intel on Linux.

How to find out current status of microcode

Run the following command as root user:
# dmesg | grep microcode
Sample outputs:
Verify microcode update on a CentOS RHEL Fedora Ubuntu Debian Linux
Please note that it is entirely possible that there is no microcode update available for your CPU. In that case it will look as follows:

[    0.952699] microcode: sig=0x306a9, pf=0x10, revision=0x1c
[    0.952773] microcode: Microcode Update Driver: v2.2.

How to install Intel microcode firmware on Linux using a package manager

Tool to transform and deploy CPU microcode update for x86/amd64 comes with Linux. The procedure to install AMD or Intel microcode firmware on Linux is as follows:

  1. Open the terminal app
  2. Debian/Ubuntu Linux user type: sudo apt install intel-microcode
  3. CentOS/RHEL Linux user type: sudo yum install microcode_ctl

The package names are as follows for popular Linux distros:

  • microcode_ctl and linux-firmware – CentOS/RHEL microcode update package
  • intel-microcode – Debian/Ubuntu and clones microcode update package for Intel CPUS
  • amd64-microcode – Debian/Ubuntu and clones microcode firmware for AMD CPUs
  • linux-firmware – Arch Linux microcode firmware for AMD CPUs (installed by default and no action is needed on your part)
  • intel-ucode – Arch Linux microcode firmware for Intel CPUs
  • microcode_ctl, linux-firmware and ucode-intel – Suse/OpenSUSE Linux microcode update package

Warning: In some cases, microcode update may cause boot issues such as server getting hang or resets automatically at the time of boot. The procedure worked for me, and I am an experienced sysadmin. I do not take responsibility for any hardware failures. Do it at your own risk.


Type the following apt command/apt-get command on a Debian/Ubuntu Linux for Intel CPU:
$ sudo apt-get install intel-microcode
Sample outputs:
How to install Intel microcode firmware Linux
You must reboot the box to activate micocode update:
$ sudo reboot
Verify it after reboot:
# dmesg | grep 'microcode'
Sample outputs:

[    0.000000] microcode: microcode updated early to revision 0x1c, date = 2015-02-26
[    1.604672] microcode: sig=0x306a9, pf=0x10, revision=0x1c
[    1.604976] microcode: Microcode Update Driver: v2.01 <>, Peter Oruba

If you are using RHEL/CentOS try installing or updating the following two packages using yum command:
$ sudo yum install linux-firmware microcode_ctl
$ sudo reboot
$ sudo dmesg | grep 'microcode'

How to update/install microcode downloaded from Intel site

Only use the following method when recommended by your vendor otherwise stick to Linux packages as described above. Most Linux distro maintainer update microcode via the package manager. Package manager method is safe as tested by many users.

How to install Intel processor microcode blob for Linux (20180108 release)

Ok, first visit AMD or Intel site to grab the latest microcode firmware. In this example, I have a file named ~/Downloads/microcode-20180108.tgz (don’t forget to check for checksum) that suppose to help with meltdown/Spectre. First extract it using the tar command:
$ mkdir firmware
$ cd firmware
$ tar xvf ~/Downloads/microcode-20180108.tgz
$ ls -l

Sample outputs:

drwxr-xr-x 2 vivek vivek    4096 Jan  8 12:41 intel-ucode
-rw-r--r-- 1 vivek vivek 4847056 Jan  8 12:39 microcode.dat
-rw-r--r-- 1 vivek vivek    1907 Jan  9 07:03 releasenote

I tested the following instructions on a CentOS 7.x/RHEL 7.x/Debian 9.x and Ubuntu 17.10 only. Older kernel shipped with older distro might not work if you do not see /sys/devices/system/cpu/microcode/reload file. See discussion below. Please note that few customers getting of higher system reboots after applying firmware updates. Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center cpus used in server. Do not apply Intel firmware release 20180108 on Intel Broadwell and Haswell CPUs. If possible use package manager method.

Make sure /sys/devices/system/cpu/microcode/reload exits:
$ ls -l /sys/devices/system/cpu/microcode/reload
You must copy all files from intel-ucode to /lib/firmware/intel-ucode/ using the cp command:
$ sudo cp -v intel-ucode/* /lib/firmware/intel-ucode/
You just copied intel-ucode directory to /lib/firmware/. Write the reload interface to 1 to reload the microcode files:
# echo 1 > /sys/devices/system/cpu/microcode/reload
Update an existing initramfs so that next time it get loaded via kernel:
$ sudo update-initramfs -u
$ sudo reboot

Verifying that microcode got updated on boot or reloaded by echo command:
# dmesg | grep microcode
That is all. You have just updated firmware for your Intel CPU.


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 0 comments... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum