Meltdown/Spectre Firmware Updates Causing Reboots for Some Intel Customers

Mindy Sparks
January 13, 2018

For customers anxious about the fixes disrupting their machines, Intel said it will provide more updates to the public about the patching process, including "performance data".

Customer-First Urgency: By Jan. 15, we will have issued updates for at least 90 percent of Intel CPUs introduced in the past five years, with updates for the remainder of these CPUs available by the end of January. "Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center", Shenoy wrote in a blog post.

Shenoy said that if the reboot issue requires a firmware update, it will be distributed through normal channels.

"We are also working directly with data centre customers to discuss the issue. These are non-trivial changes to make and small differences in systems can make a world of difference".

The company now says that while it thinks that GPZ Variant 2 is hard to exploit on its chips, it'll still work with its partners to release microcode updates and OS patches to mitigate the vulnerability.

Customers have complained to the company about a higher than usual level of system reboots following installation of the patches.

In the most basic terms, Williams explained, vulnerable processors are like an old, broken bridge.

"Let's be transparent about what patches for these vulnerabilities mean", Williams said.

As explained in Google's post, most CPUs have a system in place that walls off applications so they can not see what's present in the memory of another application.

Infrastructure automation will help, but these vulnerabilities arose from CPU technology that drastically improved performance, with more efficient memory caching and pre-fetching. "That's not Intel's problem, but "install these patches and you'll be fine" is disingenuous".

Intel's fixes for the Meltdown and Spectre bugs are triggering processors released between 2013 and 2016 to randomly reboot. There are important roles for everyone: Timely adoption of software and firmware patches by consumers and system manufacturers is critical. Red Hat put out an advisory to customers stating its patches to the Red Hat Enterprise Linux kernel may reduce performance by 8% to 19% on highly cached random memory.

Intel has released an update addressing the patches the company has issued to resolve recently-revealed, massive CPU security flaws, and the performance hits (and other quirks) users are experiencing in the wake of the updates. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date. We believe our GPU hardware is immune to the reported security issue.

Intel has arguably been worst affected of all the major chip designers, with CPUs going back to 1995 affected.

Williams expects security experts to double down on this field of research.

"The pledge is likely brand management more than a real thing that will markedly increase security". But with the vulnerabilities now public, security researchers worry it'll only be a matter of time.

Other reports by Iphone Fresh

Discuss This Article