Intel Confirms Newer Chips Impacted By Spectre, Meltdown Patches

The fallout from the Meltdown and Spectre flaws continues after Intel admitted problems with the patches designed to fix the exploit.

Intel’s warning applies to data centre systems running newer chips when it revealed that its firmware updates designed to fix the Spectre and Meltdown exploits, are likely to result in more frequent reboots of the patched systems.

And Intel said that some website servers slowed down by 2 percent as a result of the patch. But other tests simulated online transactions at a stock brokerage showed a 4 percent slowdown, and servers shifting large amounts of data could see a 18 percent to 25 percent slowdown.

Performance Hit

Intel’s admission of the performance price of the patches is a welcome development, after the chip giant had at first downplayed the likely performance impact of the patches, despite Microsoft warning that the fixes for Spectre and Meltdown were likely to have a ‘significant performance impact’ on some PCs or servers.

But now Intel has revealed that the performance hit will likely be very severe for some servers that store large amounts of data and try to retrieve it quickly.

And the bad news did not stop there, as Navin Shenoy, general manager of Intel’s data centre group, confirmed that patches for the security flaws can cause higher-than-expected reboot rates in Ivy Bridge, Sandy Bridge, Skylake and Kaby Lake processors.

Intel had said last week that it had received reports that its security patches were causing problems in systems with its older Broadwell and Haswell chips.

“We have now issued firmware updates for 90 percent of Intel CPUs introduced in the past five years, but we have more work to do,” he said. “As I noted in my blog post last week, while the firmware updates are effective at mitigating exposure to the security issues, customers have reported more frequent reboots on firmware updated systems.”

“As part of this, we have determined that similar behavior occurs on other products in some configurations, including Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms. We have reproduced these issues internally and are making progress toward identifying the root cause. In parallel, we will be providing beta microcode to vendors for validation by next week.”

Loading ...

Chip Exploits

The industry-wide processor vulnerabilities were discovered in early January, and straight away there was concern that the fix for the design flaw was likely to have a big impact on the performance of patched computers.

At first Intel did not deny that the fixes would have a performance impact, but downplayed talk of a slowdown despite expert warnings. Indeed Intel said that any downgrade in performance wouldn’t be noticeable to most users. Even still, the company is facing at least three class-action lawsuits.

CEO Brian Krzanich even used his keynote address at the Consumer Electronics Show (CES) in Las Vegas to assure customers that fixes were forthcoming, and the fixes duly arrived amid concern at their effectiveness and impact on other system components.

The Meltdown and Spectre exploits affect just about every single processor made over the past 20 years. Chips made by ARM manufacturers and AMD are also impacted.

Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.

Quiz: What do you know about Intel?

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Malicious Online Ad Campaign Steals User Logins

'Magnat' malicious advertising campaign uncovered by Cisco Talos has been stealing login credentials and other…

21 hours ago

Waymo, Nuro Launch Robo-Delivery Services In California

Cruise starts robo-delivery service in Mountain View as Waymo plans limited trial of grocery-delivery service…

22 hours ago

NSO Spyware ‘Used To Hack US Diplomats’

Apple alerts employees of US State Department of hacking by NSO Group's controversial Pegasus spyware…

22 hours ago

Starlink Plans Services In India As SpaceX Breaks Launch Record

Starlink to apply for commercial licence to provide satellite broadband services in India, as parent…

23 hours ago

Musk Tesla Share Sale Surpasses $10bn

Elon Musk's Tesla share sell-off surpasses $10 billion as it reaches into fourth consecutive week,…

23 hours ago

Uber To Pay $9m Settlement Over Safety Reporting Failure

Uber agrees to pay $9 million to settle dispute with California regulators over its failure…

24 hours ago