Intel tells users to stop installing chip patches


Spectre and Meltdown logos

Image caption

Spectre and Meltdown were researched for months before information was made public

Software patches issued to fix serious security flaws on Intel chips should no longer be applied, the company has said.

The patches tried to tackle flaws called Meltdown and Spectre that, if exploited, could expose important data.

Many reported that their machines slowed down or stopped working when they applied Intel’s updates.

Intel said it now knew what caused these problems and was developing fresh patches that would work better.

Grabbing data

In a statement, Intel spokesman Navin Shenoy said it had been investigating why the earlier patches caused “higher-than-expected reboots and other unpredictable system behaviour”.

Some companies have also reported machines running more slowly after they applied Intel’s patches. In a blog, Lyft engineer Matt Klein said it had seen a 20% slowdown when its servers were swapping a lot of data back and forth.

Intel’s own tests suggested that computers would slow by between 2% and 25%.

Intel’s investigation into what caused the patches to make computers unstable has now led it to advise people to stop applying those updates, Mr Shenoy said.

Instead customers, such as PC makers and cloud providers, should start testing early versions of the new patches which it has already started sharing.

He apologised for “any disruption” that Intel’s change of advice would cause.

IDC analyst Mario Morales was critical of Intel’s handling of the updates.

“They haven’t resolved the matter,” he told Reuters, adding that Intel was “still trying to get a handle on what’s really happening”.

The confusion could hit computer sales in the near future as companies put off buying machines that are still vulnerable.

The Meltdown and Spectre bugs came to light in early January and emerge because of the way that computer chips handle data. In particular, these flaws target methods used to speed up processing which, if abused, could let attackers steal important data such as encryption keys or passwords.

Meltdown affected Intel chips and one Arm processor. Spectre is present in chips made by Intel, Arm and AMD.

Many software and hardware firms have produced patches that attempt to stop the bugs being exploited.

Microsoft advised people with computers that use AMD chips against applying its patch because it could stop the machines working. It fixed the patch and re-issued it soon afterwards.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *