Friday, 22 June, 2018

Intel asks customers to avoid installing patches for Meltdown, Spectre flaws

Intel Spectre Patches Intel asks customers to avoid installing patches for Meltdown, Spectre flaws
Nellie Chapman | 24 January, 2018, 12:00

Intel apologised for the issues being caused by the patch, but it's likely to not be enough for users with suddenly borked machines.

Intel has been forced to warn users not to install the microcode updates it released to mitigate against the Spectre and Meltdown processor design flaws more than two weeks ago, following the discovery of widespread random-reboot issues across all processor models.

Because a patch is incoming, Intel now officially recommends that "OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions" of the fix.

The issue, acknowledged by Intel on January 11, affects chip platforms that include Ivy Bridge, Sandy Bridge, Skylake, Kaby Lake, Broadwell and Haswell (see Intel Confirms Fresh Spectre, Meltdown Patch Problems).

The affected chipsets include those using the Coffee Lake, Kaby Lake, Skylake, Broadwell, Haswell, Ivy Bridge and Sandy Bridge architectures. Now Intel is calling for a full stop due to imperfect patches for a trio of chip security vulnerabilities known as Meltdown and Spectre.

IDC analyst Mario Morales was critical of Intel's handling of the updates. It said its engineers are working "around the clock" to continue resolving the problems and deploy functional firmware mitigations for the hardware issues.

"We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it", explains Intel.

To put in a less-confusing way: Torvalds is saying that the Intel's patches doesn't treat the Spectre and Meltdown flaws as bugs.

The Spectre and Meltdown flaws are related to the way in which chips handle logical processes pertaining to operations by operating-system kernels and individual applications.

As for when the modified BIOS patch will be released, that will depend on the OEM responsible for manufacturing your computer or server. In fact, original Linux developer Linus Torvalds has called Intel's patches "COMPLETE AND UTTER GARBAGE". The patches do things that are not sane ...

"Consumers have no patience for perceived inactivity when it comes to vulnerabilities or security issues, so organizations want to take action as soon as a vulnerability becomes public".

"Has anybody talked to them and told them they are f*cking insane?" While both of them have been found to be affecting all makes of chipsets, there is a difference.