Home Security Intel tells select customers not to use its bug fixes

Intel tells select customers not to use its bug fixes

Intel tells select customers not to use its bug fixes Featured

Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

The advice, reported by The Wall Street Journal, was issued to select customers on Wednesday.

The company told customers to "delay additional deployments of these microcode updates", and added, "Intel will provide frequent updates".

Stephen Smith, the general manager of Intel's data centre group, told the WSJ that the advice was provided to makers of PCs and big cloud providers after feedback that its updates had caused some machines to reboot.

Smith claimed that the bugs are "unrelated to security", adding that the company advised consumers to use firmware update from their vendors. Computer makers and cloud providers were told to avoid using Intel's patches.

Details of the two bugs, dubbed Meltdown and Spectre, were released last week after an embargo of 9 January collapsed.

An employee of Google's Project Zero was the first to discover the two vulnerabilities, and the company justified breaking the embargo, saying: "We are posting before an originally co-ordinated disclosure date of 9 January 2018 because of existing public reports and growing speculation in the press and security research community about the issue, which raises the risk of exploitation."

Since then, a number of industry players, big and small, have issued patches for their products, including Microsoft and the Linux kernel project.

Meltdown removes the barrier between user applications and sensitive parts of the operating system while Spectre, which is also reportedly found in some AMD and ARM processors, can trick vulnerable applications into leaking the contents of their memory.

The WSJ quoted one unnamed Intel partner, who, like Theo de Raadt, the head of the OpenBSD project, expressed disquiet that the company was only informing some customers about the problems with the patches.

De Raadt told  iTWire about the initial bug disclosure: "Only Tier-1 companies received advance information, and that is not responsible disclosure – it is selective disclosure. Everyone below Tier-1 has just gotten screwed."

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

10 SIMPLE TIPS TO PROTECT YOUR ORGANISATION FROM RANSOMWARE

Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.

DOWNLOAD NOW!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

 

Popular News

 

Telecommunications