Intel has begun “quietly advising some customers to hold off installing patches” related to the recent Spectre vulnerability, according to emails seen by the Wall Street Journal, and confirmed by a blog post from Intel. The company is reportedly telling cloud-center customers and computer manufacturers to hold off on applying some recent updates, due to a bug in the patch that appears to be causing reboot problems for some systems.
“We have received reports from a few customers of higher system reboots after applying firmware updates,” Intel EVP Navin Shenoy said in a statement. “Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center. We are working quickly with these customers to understand, diagnose and address this reboot issue.”
However, Shenoy did re-iterate that regular users should continue to apply updates when their system recommends. The bug is also unique to Intel’s patch, and other fixes for the Meltdown and Spectre, including those being pushed by Apple and Microsoft, are safe to apply.
Patching certain variants of the Spectre vulnearbility requires Intel to rewrite processor firmware, a challenging task that’s much harder than patching the security flaws at a browser and operating system level. Recent statements from Intel and Microsoft confirm that some patches may cause a reduction in system performance, as patching the vulnerabilities means fiddling with processes that are designed to speed up CPU performance.
The bugs that are causing Intel problems are not related to security, an Intel exec told the Wall Street Journal, but rather cause a reboot problem on Intel’s older PC chips. Affected models include Broadwell silicon, introduced in 2015, and Haswell-generation processors dating back to 2013.