Intel: Stop Installing Meltdown & Spectre Patches Now

Intel has urged its manufacturer partners to stop distributing botched versions of patches designed to mitigate the threats posed by the Meltdown and Spectre chip vulnerabilities.

The two bugs first became public knowledge at the start of the year and affect virtually every processor made by Intel, AMD and ARM manufacturer during the past 20 years.

Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.

Intel patch advice

Since then device and chip makers, along with major cloud providers, have rushed to patch the flaws, but this has been a troubled process with Intel confirming the fix can affect system performance, while there have also been reports of boot problems following installation.

Intel says it has now identified he root cause for problems affecting the Broadwell and Haswell chips and is making “good progress” in its bid to address it.

Over the weekend it rolled out an early version of the latest build to its partners for testing and will release it generally once testing is complete.

“We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behaviour,” said the firm.

“We ask that our industry partners focus efforts on testing early versions of the updated solution so we can accelerate its release. We expect to share more details on timing later this week.”

Intel added it was “working around the clock” to fix the issues but this hasn’t gone down well with Linux creator Linus Torvalds who has called the situation “pure garbage”.

The company is also facing a class action lawsuit over the vulnerabilities.

Quiz: What do you know about ARM Holdings?