Story image

Stop patching Spectre & Meltdown issues or risk reboot problems, Intel warns

25 Jan 2018

Intel is warning all users to stop downloading patches for the Spectre and Meltdown vulnerabilities because they are causing system reboot issues for a number of machines.

On January 11 Intel received reports from customers that they were experiencing higher system reboots after installing the patches.

“Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center. We are working quickly with these customers to understand, diagnose and address this reboot issue. If this requires a revised firmware update from Intel, we will distribute that update through the normal channels.  We are also working directly with data center customers to discuss the issue,” the company said at the time.

This week Intel discovered the root cause of the issue and says it has made good progress towards a solution. The company will distribute the new solution to partners for testing this weekend and will release a final solution available once testing has finished.

In the meantime, Intel says customers and partners should stop installing current releases.

“We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behaviour,” the company says.

This applies to all users affected by the Meltdown and Spectre vulnerabilities, which includes a number of Intel Core, Intel Xeon, Intel Atom, Intel Celeron and Intel Pentium processors. See the full list here. “We ask that our industry partners focus efforts on testing early versions of the updated solution so we can accelerate its release. We expect to share more details on timing later this week.”

Intel also says customers must be vigilant in their efforts to keep systems up to date and to maintain security best practice.

Earlier this month Intel CEO Brian Krzanich wrote an open letter to tech leaders that reinforced Intel’s commitment to customers and to fixing the issues.

He explained that the company approaches the updates with ‘customer-first’ urgency, timely and transparent communications and the ongoing pledge to customer security.

“To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks. We also commit to adding incremental funding for academic and independent research into potential security threats,” he wrote.

“The bottom line is that continued collaboration will create the fastest and most effective approaches to restoring customer confidence in the security of their data. This is what we all want and are striving to achieve.”

NVIDIA announces Jetson Nano: A US$99 tiny, yet mighty AI computer 
“Jetson Nano makes AI more accessible to everyone, and is supported by the same underlying architecture and software that powers the world's supercomputers.”
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
NVIDIA introduces a new breed of high-performance workstations
“Data science is one of the fastest growing fields of computer science and impacts every industry."
Apple says its new iMacs are "pretty freaking powerful"
The company has chosen the tagline “Pretty. Freaking powerful” as the tagline – and it’s not too hard to see why.
NZ ISPs issue open letter to social media giants to discuss censorship
Content sharing platforms have a duty of care to proactively monitor for harmful content, act expeditiously to remove content which is flagged to them as illegal.
Partnership brings AI maths tutor to NZ schools
“AMY can understand why students make a mistake, and then teach them what they need straight away so they don't get stuck."
Polycom & Plantronics rebrand to Poly, a new UC powerhouse
The name change comes after last year’s Plantronics acquisition of Polycom, a deal that was worth US $2 billion.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.