Are You Deploying Meltdown And Spectre Patches? Intel Says Not So Fast…
If you were deploying patches for those CPU vulnerabilities known as Meltdown and Spectre, Intel via a blog post suggests that you should put the kibosh on that for the time being. Here’s what Intel Executive Vice President Navin Shenoy said in the blog post in question:
As we start the week, I want to provide an update on the reboot issues we reported Jan. 11. We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it. Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed.
And:
We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior.
That’s pretty embarrassing to have a non-trivial problem of this scale, and to have a fix that is worse than the problem. You have to wonder what is going on at Intel these days. Is it amateur hour over there??
January 24, 2018 at 10:28 am
[…] seems that the rush to NOT fix the Spectre vulnerability has spread to other companies besides Intel. I say that because Dell and HP are now saying not to install BIOS updates that solve this issue. […]
February 8, 2018 at 12:35 pm
[…] initial mitigations for Variant 2 of the Meltdown and Spectre attacks. Allegedly these ones work without crashing PCs and servers. Intel has also said that more fixes are inbound “in the coming days” which should be […]