January 12, 2018 by

Intel Scrambles and Fumbles to Issue Patch for Chip Flaws

Intel has reportedly advised computer makers and cloud service providers to refrain from using Intel firmware updates after concerns of reboot loops.

The Wall Street Journal has revealed that Intel has been “quietly advising” certain customers to hold off installing patches to fix vulnerabilities from exploits, commonly known as Meltdown and Spectre, affecting nearly every computer manufactured in the last 15 years. The report cites a confidential document by Intel that specifies three issues in updates released as fixes for the processor’s firmware.

Specifically, Intel advised customers to “delay additional deployments of these microcode updates”.

According to Intel’s data-center group general manager Steve Smith, the document is specifically being shared with computer makers and large cloud computing providers after reports that the updates caused computers to dwell in a reboot loop. The bugs, which are “unrelated to security” according to the executive, affects a number of Intel’s older server and PC chips including Haswell chips dating back to 2013 and Broadwell processors released in 2015.

In a security update posted by Intel after the WSJ article, its executive vice president Navin Shenoy admitted to the boot-loop concerns in the interests of transparency.

The Intel executive wrote:

 We are working quickly with these customers to understand, diagnose and address this reboot issue. If this requires a revised firmware update from Intel, we will distribute that update through the normal channels.

Further, he stressed end-users ought to continue applying updates that are recommended by their hardware and software manufacturers, rather than using Intel’s patch.

The world’s largest chipmaker admitted to the security issues first revealed by Google Project Zero, pointing to vulnerabilities that allow hackers to steal sensitive information from computers, smartphones and other devices using Intel’s microprocessors.

Intel shares are down 4.5% since reports of the flaws emerged soon after the turn into 2018.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Researchers Discover 119 Meltdown, Spectre Malware Variants in the Wild

Hundreds of malware samples that have taken advantage of the proof-of-concept (PoC) code for the...

Read more arrow_forward

Meltdown, Spectre Bugs Bring More Grief to Microsoft, AMD Users

Microsoft has temporarily paused issuing patches to the Metldown and Spectre vulnerabilities for AMD...

Read more arrow_forward

‘Worst Ever” CPU Bugs Meltdown and Spectre Virtually Affect All Computers

Two major processor security flaws, dubbed “Meltdown” and “Spectre” affect everything from...

Read more arrow_forward