Is there a way to download a microcode directly from CPU manufacturer? Duck.ai sais no. There is a github repo with collection of firmwares.

Well ...

Could be that ...   (No idea, just shots in the dark.  8^°)

1. it is an AMD processor. ie: not Intel 
2. it is much newer than my Q9550 (released Q1/2008)
3. my CPU gets updated early to a revision number while yours gets the same type of update but to a new patch_level

Note the date on the microcode file (revision 0xa0b, date = 2010-09-28 - 15 years ago) while your patch level is not dated.

Q: do you have the amd64-microcode/stable 3.20240820.1~deb12u1 package installed?

Best,

A.

Is Devuan in process of putting this update into the Daedalus repos?

Definitely not. The Daedalus repo will only be updated if there is an update coming from the Debian repo.
Devuan is Debian w/o systemd, only parts that have relation to systemd are replaced or modified.

Anyhow, if I read the document correctly the main fix is an bios update.

These are the first two lines in my dmesg printout:

$ sudo dmesg | more
groucho@devuan:~$ sudo dmesg
[    0.000000] microcode: microcode updated early to revision 0xa0b, date = 2010-09-28
[    0.000000] Linux version 6.1.0-38-amd64 (debian-kernel@lists.debian.org) (gcc-12 (Debian 12.2.0-14+deb12u1) ...
--- snip ---
$

ie: first the microcode and then the kernel

Further on, I get this:

$ sudo dmesg | more
--- snip ---
[    0.155960] MDS: Vulnerable: Clear CPU buffers attempted, no microcode
--- snip ---
[    3.399828] microcode: sig=0x1067a, pf=0x10, revision=0xa0b
[    3.400056] microcode: Microcode Update Driver: v2.2.
--- snip ---
$ 

I also have the intel-microcode package installed and the module blacklisted in /etc/modprobe.d.

$ apt list | grep installed | grep intel-microcode
--- snip ---
intel-microcode/stable-security,now 3.20250512.1~deb12u1 amd64 [installed]
$ 

The directory /lib/firmware/intel-ucode has 125 files in it, all with a Modify time = May 18 20:06, so they receive updates.

Some insight from Intel:

I'd say that the module is blacklisted so that only the kernel deals with the respective microcode file at the very start of the boot process.
Just an edguess.

Best,

A.

After installing the microcode package, it throws up a file in /etc/modprobe.d, amd64-microcode-blacklist.conf, which reads thusly:

# The microcode module attempts to apply a microcode update when
# it autoloads.  This is not always safe, so we block it by default.
blacklist microcode

It does this with intel microcode as well.

I only know about that because I use that folder to blacklist wdat_wdt.

in my experience the support is not great not terrible, in a couple of ocassions i've had firmware updates for my HP ProBook 445 G7 that runs on an AMD ryzen 7 4700U installable via fwupd, for many others however i've had to install the updates from HP via the uefi update menu

https://wiki.debian.org/Firmware/Updates

From https://www.amd.com/en/resources/produc … -7029.html it appears AMD has released a microcode update a few weeks ago.  Is Devuan in process of putting this update into the Daedalus repos?