Intel is having reboot issues with its Spectre-Meltdown patches

Federico Mansilla
Enero 13, 2018

If this requires a revised firmware update from Intel, we will distribute that update through the normal channels.

Fixes for the recently-disclosed Spectre and Meltdown flaws are causing performance slowdowns and random reboots, but the cloud may be immune to these side effects. However, Intel still recommends end-users should apply the updates for both OS and hardware.

Following on the heels of Intel detailing its new "Security-First Pledge", the company said it needs to review potential issues users have faced with the firmware patch against the Meltdown vulnerability.

In a statement, the company suggested: "We have received reports from a few customers of higher system reboots after applying firmware updates".

While its statement regarding its products' vulnerability both Spectre variants has changed, the company said its chips' architecture will make it very hard for attackers to exploit version 2. "Retpoline fully protects against Variant 2 without impacting customer performance on all of our platforms". The Wall Street Journal is reporting it got its hands on a confidential memo issued by the company and shared with large companies and cloud providers not to install the patches. And thanks to the efforts of hundreds of engineers, no one has apparently noticed because the fixes haven't slowed down or degraded popular services like Google search, Google Drive, and Gmail.

Adding to the list of companies that definitely knew about the CPU exploits is Google, whose Project Zero team was part of the group that publicly revealed information about Spectre and Meltdown.

More news: Alabama declares state of emergency from flu; Florida dealing with widespread outbreak

On the same day, rival chipmaker AMD said it will also release a fix for the Spectre vulnerability.

Despite the rollout issues, the tech industry is still urging customers to patch their systems.

However, those who run container infrastructures estimate a milder impact of this additional work than the undertaking for those who must patch VM-based infrastructures, especially manually, to combat Meltdown and Spectre.

Swathes of CPUs have been hit by security flaws that have been lying dormant within them for years.

Security best practices dictate containers run with least-privilege access to the underlying operating system and host.

Otros informes por

Discuta este artículo