Intel security patches could cause restarts on hardware old and new

Posted January 19, 2018

TROUBLED CHIPMAKER Intel has admitted that the problems caused by patching the Spectre and Meltdown vulnerabilities in its chips affect newer models as well as the older ones it had previously admitted to.

Shenoy says Intel engineers have also found unexpected reboots occur in devices powered by later chips and configurations, including Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms.

"We have reproduced these issues internally and are making progress toward identifying the root cause", Shenoy said. Intel says that the existing updates continue to provide protection against the flaws even if they might wreck reliability for some folks.

McNerney, a member of the House Energy and Commerce Committee, asked the companies to explain the scope of Spectre and Meltdown, their timeframe for understanding the vulnerabilities, how consumers are affected and whether the flaws have been exploited, among other questions. It intends to ship a beta microcode to system builders next week.

"Most users are going to hear things like security flaw, or performance issues and be very concerned so I would really like to see Intel do more to address those topics", said one partner, who wished to remain anonymous. "But we have more work to do".

On Tuesday, as part of its quarterly patch update, Oracle released fixes for 237 flaws across its products, including its first batch of Spectre and Meltdown fixes.

Last week, AMD put out a security update confirming that its processors are vulnerable to Spectre variant 1, which will be contained by operating system patches.

Intel says it's continuing to gauge the impact that its fixes are having.

And, while Intel's data centre tests replicating a stock exchange scenario show a performance slowdown of 4%, different scenarios can induce a considerably more significant slowdown.

Tests were conducted by the company on Intel's Skylake two-socket Xeon processor systems, its latest server microarchitecture.

Intel is now investigating these issues and working on fixes for the same.

The company is also looking at incorporating Google's Retpoline (return trampoline) software solution to mitigate the performance impact of the security patches.