Don’t install Intel’s patches for Spectre and Meltdown chip vulnerabilities; Intel warns

 Intel's patches for Spectre

Intel on Monday cautioned that you should quit sending its present variants of Specter/Meltdown patches, which Linux maker Linus Torvalds calls ‘finish and express rubbish.’
Phantom and Meltdown are security vulnerabilities unveiled by analysts not long ago in numerous processors from Intel, ARM and AMD utilized as a part of present day PCs, servers and cell phones (among different gadgets), which could enable assailants to take your passwords, encryption keys and other private data.

Since last week, users are reporting that they are facing issues like spontaneous reboots and other ‘unpredictable’ system behaviour on their affected computers after installing Spectre/Meltdown patch released by Intel.

Keeping these problems in mind, Intel has advised OEMs, cloud service providers, system manufacturers, software vendors as well as end users to stop deploying the current versions of its patches until the chip giant develops ‘a solution to address it.’

“We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it,” Intel said in a press release published on Monday.
“Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed.”
Linus Torvalds Calls Intel’s Meltdown/Spectre Patches ‘Garbage’

Meanwhile, in a public email conversation, Linus Torvalds complains that he is not happy with the Intel’s approach of protecting the Linux kernel from Spectre and Meltdown flaws, saying:
“They do literally insane things. They do things that do not make sense… I really don’t want to see these garbage patches just mindlessly sent out. … I think we need something better than this garbage.” Torvalds said.

Intel patches require users to manually opt-in and enable the fix while their computers boot up when the security patches for such a critical flaw should be applied automatically.
It’s because the ‘Indirect Branch Restricted Speculation’ or IBRS—one of three new hardware patches offered as CPU microcode updates by Intel—is so inefficient that it would result in widespread performance hits if rolled out worldwide.

So in other words, to prevent bad performance in benchmark tests, Intel is offering users to choose between performance and security.
New Intel patches will be available in the future.

Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge