Breach, Content

Intel: Meltdown, Spectre Patches Cause Reboot Issues in Old Chips

Intel has identified three issues in Meltdown and Spectre microprocessor security bug patches released over the past week for firmware software that is installed directly on its processors, The Wall Street Journal reported.

Meltdown and Spectre patches may cause higher system reboots after end users apply firmware updates, according to Intel. Impacted systems include those running Intel Broadwell and Haswell CPUs for both client and data center; Broadwell processors were introduced in 2015, and Haswell chips date back to 2013.

A Closer Look at Intel's Response to the Faulty Security Patches

Intel is working with customers to understand, diagnose and address the reboot issues, Navin Shenoy, EVP and GM of Intel's data center group, said in a prepared statement. End users should continue to apply updates recommended by their system and operating system providers, Shenoy stated, and Intel will distribute a revised firmware update if necessary.

Intel’s Leslie Culbertson
Leslie Culbertson

Also, Intel is advising computer makers and cloud providers to hold off from using its firmware update, The Wall Street Journal reported.

Intel will issue updates for at least 90 percent of its CPUs introduced in the past five years by January 15, CEO Brian Krzanich said in a prepared statement. Meanwhile, the company plans to release updates for the remainder of these CPUs by the end of the month.

In addition, Intel plans to create an internal cybersecurity group, a report in The Oregonian stated. Leslie Culbertson, Intel's SVP and director of human resources, will lead the cybersecurity group, and Krzanich has appointed VP Steve Smith and reassigned several company executives to the group.

Intel is one of the world's largest chipmakers based on revenue. The company recorded $16.1 billion in revenue in the third quarter of 2017, which represented a 2 percent year-over-year increase.

Meltdown and Spectre: Here's What You Need to Know

Intel released details about Meltdown and Spectre last week. The security bugs allow database applications, JavaScript, web browsers and other administrator and user programs to identify the layout or contents of protected kernel memory areas, The Register indicated.

AmazonGoogle and Microsoft have updated their cloud services and other products in response to Meltdown and Spectre. The U.S. Computer Emergency Readiness Team (US-CERT) also is aware of the security bugs and recommends administrators and users review Vulnerability Note VU#584653Microsoft’s Advisory and Mozilla’s blog post for additional guidance.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.