Intel Tells Partners, Customers To Stop Issuing Spectre Patches, Citing 'Unpredictable System Behavior'
Intel on Monday told customers and partners to cease deployments of the company's patches for the Spectre exploit after it acknowledged the patch was creating reboot issues for chips.
"We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior," said Navin Shenoy, executive vice president and general manager of the Data Center Group at Intel Corporation in a statement.
The statement is the latest update from Intel on its messy follow up to the Spectre and Meltdown exploits, which were revealed two weeks ago and affected chips from multiple vendors. The exploits, which account for three variants of a side-channel analysis security issue in server and PC processors, could potentially enable hackers to access protected data.
And while Intel has worked to issue patches for these exploits, the Santa Clara, Calif.-based company last week acknowledged that some companies are reporting reboot issues with both older and newer chips for both client compute and data center after they patched their devices.
The impacted CPUs included Intel's Broadwell, Haswell, Ivy Bridge, Sandy Bridge, Skylake and Kaby Lake platforms.
Intel said in the post that it has "now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it." The company said it has started rolling out an early version of the updated solution to partners for testing and will make a final release that will become available after the testing has been completed.
Intel did not mention its newer chips, including Skylake and Kaby Lake. The company's last updates on these newer chips explained that it has reproduced the issues internally and is working to identify the cause.
The Spectre and Meltdown security issues – and subsequent faulty patches – have left OEMs scrambling. Dell Technologies is conducting performance tests across its entire product portfolio to assess the impact of the software patches used to combat the Meltdown and Spectre security issues. Meanwhile, VMware retracted Intel's patching recommendation for its products after pushing the microcode upgrades for its hardware.
"I apologize for any disruption this change in guidance may cause," said Shenoy in the post. "The security of our products is critical for Intel, our customers and partners, and for me, personally. I assure you we are working around the clock to ensure we are addressing these issues."
One partner, who wished to remain anonymous, said that the channel's role is the talk with impacted customers and help them understand what steps are necessary for dealing with the Spectre and Meltdown exploits.
"I think the channel can say things that Intel (and AMD) cannot," said the partner. "We have been working with vendors on some patches, but the real threat right now is more about consumer confidence."