Technology

Intel's patches have bugs

Share
Intel's fix for Meltdown and Spectre had a bug of its own

Since the Spectre and Meltdown processor flaws were first made public last week, tech firms have been scrambling to get updates pushed out to users' devices.

The problem affects both Broadwell and Haswell architecture CPUs all the way from PCs to data centre servers.

The Meltdown and Spectre vulnerabilities are serious, with very few devices not impacted. The company was previously advising its bigger customers of the recommendation to delay installation "quietly".

That's probably because, as a recent The Verge story reports, Intel was well aware of the CPU exploits and was working to figure out how to patch up the security risks before harmful actors took action and took advantage of the vulnerabilities.

"If this requires a revised firmware update from Intel, we will distribute that update through the normal channels", explained Navin Shenoy, General Manager of the Intel's Data Center Group, on Thursday.

An Intel partners quoted by the Wall Street Journal argued the company was doing a disservice to its customers as the public has "been given the microcode update but has not been given the important technical information that Intel recommends that you don't use this". The second Variant, which again is part of Spectre, proved much more hard to patch, as Google was specifically trying to avoid a hit to performance.

Intel is now looking into reports that some of its customers are experiencing reboots in systems that update to the latest firmware for Meltdown/Spectre mitigation. The systems affected by the bugs are said to be the computers running on Intel's Broadwell and Haswel chips. We are working quickly with these customers to understand, diagnose and address this reboot issue.

Starting off, Krzanich says that "90% of Intel CPUs introduced in the past five years" will have mitigation patches in place for the security flaws by January 15.

Share