Intel's telling some customers to avoid its fix for the Spectre and Meltdown attacks - because of a big bug
Amazon
- Intel said Thursday one of its patches for the Spectre and Meltdown attacks can cause its processors to reboot when they're not supposed to.
- Intel is telling some big customers to "delay" installing the patches, the Wall Street Journal reported.
Intel is quietly telling some of its big customers to "delay" installing a fix it issued that was intended to address a major security vulnerability that became public last week, the Wall Street Journal reported.
The giant chipmaker is giving that advice because the recently issued software update can cause its latest processors to reboot when they're not supposed to, something the company acknowledged in a statement on Thursday.
"We have received reports from a few customers of higher system reboots after applying firmware updates," Navin Shenoy, executive vice president and general manager of Intel's data center group, said in the statement. "We are working quickly with these customers to understand, diagnose, and address this reboot issue."
Notably, Intel didn't give the same advice to consumers as it's giving to its big customers.
"End-users should continue to apply updates recommended by their system and operating system providers," Shenoy said in the statement.
The updates are intended to address a security flaw that affects nearly every Intel processor produced since 1995. The flaw, which can be exploited in a pair of attacks dubbed Meltdown and Spectre, could allow hackers to access photos, passwords, and other sensitive information from just about any PC or server.
Confirmed by Google, the underlying flaw affects many different kinds of processors from a variety of manufacturers. But the revelation of its existence hit Intel the hardest, in part because unlike other processors, its chips are vulnerable to both attacks.
Some experts initially worried that fixes for the flaw could slow the performance of PCs and other devices and that the Spectre attack in particular would be extraordinarily difficult to defend against.
Intel has said it will issue fixes that won't directly affect performance, and the best thing to do would be to install them as soon as possible.
"The best thing you can do to make sure your data remains safe is to apply updates from your operating system vendor as soon as they become available," company CEO Brian Krzanich said in a speech Monday.
A fundamental flaw
David Becker/Stringer
On Tuesday, Microsoft published a blog post where it said it expects "most users" with older computers to "notice a decrease in system performance" after applying patches to fix the flaw.
On Thursday, Krzanich published an open letter to customers on the Intel website pledging timely progress updates on the issue.
Intel is just one of several tech companies issuing software updates to address the flaw and defend against Meltdown and Spectre. Microsoft, Amazon, Google, Apple, and others have all rushed out fixes.
On Monday, Krzanich said there's no evidence that Meltdown or Spectre have ever been used to steal customer data in real life and that Intel plans to keep it that way.
Get the latest Intel stock price here.
- I quit McKinsey after 1.5 years. I was making over $200k but my mental health was shattered.
- Some Tesla factory workers realized they were laid off when security scanned their badges and sent them back on shuttles, sources say
- I tutor the children of some of Dubai's richest people. One of them paid me $3,000 to do his homework.
- Why are so many elite coaches moving to Western countries?
- Global GDP to face a 19% decline by 2050 due to climate change, study projects
- 5 things to keep in mind before taking a personal loan
- Markets face heavy fluctuations; settle lower taking downtrend to 4th day
- Move over Bollywood, audio shows are starting to enter the coveted ‘100 Crores Club’