WTF ... IS WTF!?
We are a collective of people who believe in freedom of speech, the rights of individuals, and free pancakes! We share our lives, struggles, frustrations, successes, joys, and prescribe to our own special brand of humor and insanity. If you are looking for a great place to hang out, make new friends, find new nemeses, and just be yourself, is your new home.

Stop installing our buggy Spectre CPU firmware fixes, Intel says


Voorhees a jolly good fellow!
The firmware patches designed to protect Intel processors against nasty Spectre CPU exploits have a big downside: They’re forcing more frequent reboots and other performance issues on some systems, including PCs that released in 2017. The problem is severe enough that Intel is now recommending that users not install currently available patches and instead wait for new ones to be released.

“We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it,” Intel executive vice president Navin Shenoy said in a January 22 post. “We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior.”

The advice reverses Intel’s previous guidance, which said users should install the CPU firmware patches despite the risk of more frequent system reboots. Although Shenoy’s post only explicitly mentions Broadwell and Haswell chips, Intel’s new microcode revision guidance states that the advice applies to more modern chips as well.

On January 11, Intel confirmed that the firmware patches prompted more frequent reboots in Haswell (2013) and Broadwell (2014) systems. A week later, Intel revealed that many other processor generations also succumb to the reboot bug: Sandy Bridge (2011), Ivy Bridge (2012), Skylake (2015), and Kaby Lake (2017). The January 22 microcode revision guidance says current 8th-gen “Coffee Lake” CPUs are also affected by the issue.

“Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed,” Shenoy says.

Keep an eye out for those new firmware updates, which will come from your PC hardware vendor (HP, Dell, Asus, et cetera) rather than Intel itself. Spectre attacks haven’t been observed in the wild, but now that the exploits have been published, they’re no doubt coming. AMD says its processors face “near-zero” risk from the Spectre variant that requires a microcode update, but it is nevertheless releasing optional firmware updatesfor its chips.

Attackers need to be able to run code on your PC to exploit the CPU flaws.

Source: PC World
  • Helpful
Reactions: BRiT