Home Security Intel tells select customers not to use its bug fixes
Intel tells select customers not to use its bug fixes Featured

Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

The advice, reported by The Wall Street Journal, was issued to select customers on Wednesday.

The company told customers to "delay additional deployments of these microcode updates", and added, "Intel will provide frequent updates".

Stephen Smith, the general manager of Intel's data centre group, told the WSJ that the advice was provided to makers of PCs and big cloud providers after feedback that its updates had caused some machines to reboot.

Smith claimed that the bugs are "unrelated to security", adding that the company advised consumers to use firmware update from their vendors. Computer makers and cloud providers were told to avoid using Intel's patches.

Details of the two bugs, dubbed Meltdown and Spectre, were released last week after an embargo of 9 January collapsed.

An employee of Google's Project Zero was the first to discover the two vulnerabilities, and the company justified breaking the embargo, saying: "We are posting before an originally co-ordinated disclosure date of 9 January 2018 because of existing public reports and growing speculation in the press and security research community about the issue, which raises the risk of exploitation."

Since then, a number of industry players, big and small, have issued patches for their products, including Microsoft and the Linux kernel project.

Meltdown removes the barrier between user applications and sensitive parts of the operating system while Spectre, which is also reportedly found in some AMD and ARM processors, can trick vulnerable applications into leaking the contents of their memory.

The WSJ quoted one unnamed Intel partner, who, like Theo de Raadt, the head of the OpenBSD project, expressed disquiet that the company was only informing some customers about the problems with the patches.

De Raadt told  iTWire about the initial bug disclosure: "Only Tier-1 companies received advance information, and that is not responsible disclosure – it is selective disclosure. Everyone below Tier-1 has just gotten screwed."

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

10 SIMPLE TIPS TO PROTECT YOUR ORGANISATION FROM RANSOMWARE

Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.

DOWNLOAD NOW!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the sitecame into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect