Intel working on new patch for chip security flaws, following reports of unexpected reboots
Following the recent discovery of two chip security flaws which affect all recently manufactured Intel chips, the company issued a patch, which has been found to cause unexpected reboots.
Thanks to Intel’s long-running market dominance, its chips are used in the vast majority of the world’s PCs, meaning that an enormous number of users around the world could be affected by the vulnerabilities. The flaws - named “Meltdown” and “Spectre” –could allow hackers to gain personal information, including passwords, via access to the kernel (the core system of a computer).
However, there have been no reports of the vulnerability being exploited for malicious purposes.
Intel issued a patch following reports of the vulnerability, although some users noticed problems with their PCs after they installed the patch, including the machines rebooting more frequently than normal. Intel acknowledged the problem – mentioning that Haswell and Broadwell chips were affected – but encouraged customers to install it regardless.
The company has now performed a U-turn, warning users against installing the fix, requesting that their partners stop distributing it, and encouraging its industry partners to focus on testing early versions of the new patch.
Intel has said that it has identified the cause of the rebooting problem, and is working on a new fix that circumvents these issues, beginning by focusing on Haswell and Broadwell chips. In a blog post, Navin Shenoy, vice president for Intel’s Data Centre Group, said that the company had made “good progress” in developing a solution.
“I apologise for any disruption this change in guidance may cause,” he wrote. “The security of our products is critical for Intel, our customers and partners, and for me, personally. I assure you we are working around the clock to ensure we are addressing these issues.”
The company’s mixed messages could cause confusion, particularly given that users are encouraged to install all security patches as soon as they become available. Windows users will receive the patch through a Windows Update rather than directly from Intel, making it difficult to identify which updates in the package to avoid.
Users have also reported that their machines are suffering from slowdowns after installing the patches. Matt Klein, an Uber engineer, wrote in a blog post that he was experiencing a 20 per cent slowdown in performance following the fix. Due to the nature of a fix for Meltdown and Spectre fundamentally changing how the operating system communicates with the kernel, slowdowns in performance of up to 30 per cent have been feared, with older systems more severely affected.