Ever since the Spectre and Meltdown security flaws were made public at the beginning of the year, tech companies have been scrambling to get users to update their software. But unfortunately, after sending the software patch to computer manufacturers and enterprise customers, chipmaker Intel discovered that its security fix caused reboot problems. Intel cautioned users about installing the patch in a blog post last week, but as of today, the company appears to have given up on this round of patches altogether.
“We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of current versions on specific platforms,” Intel executive vice president Neil Shenoy said in a statement, “as they may introduce higher than expected reboots and other unpredictable system behavior.”
Patching certain variants of the Spectre vulnearbility requires Intel to rewrite processor firmware, a challenging task that’s much harder than patching the security flaws at a browser and operating system level. Recent statements from Intel and Microsoft confirm that some patches may cause a reduction in system performance, as patching the vulnerabilities means fiddling with processes that are designed to speed up CPU performance.
The reboot problems mostly affect Broadwell and Haswell processors, introduced in 2015 and 2013 respectively. However, Intel also revealed in a release last week that the reboot problems can occur on other processor generations, depending on the configuration. “We have determined that similar behavior occurs on other products in some configurations, including Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms,” Intel said in a statement last week.
Right now, it seems like the best course of action is to stop any Intel firmware updates until further notice. Intel said that “over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed,” so hopefully a bug-free security patch should roll out to customers within a week or two.