Chip giant admits patches will cause reboot problems for newer chips and clarifies likely performance impact
The fallout from the Meltdown and Spectre flaws continues after Intel admitted problems with the patches designed to fix the exploit.
Intel’s warning applies to data centre systems running newer chips when it revealed that its firmware updates designed to fix the Spectre and Meltdown exploits, are likely to result in more frequent reboots of the patched systems.
And Intel said that some website servers slowed down by 2 percent as a result of the patch. But other tests simulated online transactions at a stock brokerage showed a 4 percent slowdown, and servers shifting large amounts of data could see a 18 percent to 25 percent slowdown.
Intel’s admission of the performance price of the patches is a welcome development, after the chip giant had at first downplayed the likely performance impact of the patches, despite Microsoft warning that the fixes for Spectre and Meltdown were likely to have a ‘significant performance impact’ on some PCs or servers.
But now Intel has revealed that the performance hit will likely be very severe for some servers that store large amounts of data and try to retrieve it quickly.
And the bad news did not stop there, as Navin Shenoy, general manager of Intel’s data centre group, confirmed that patches for the security flaws can cause higher-than-expected reboot rates in Ivy Bridge, Sandy Bridge, Skylake and Kaby Lake processors.
Intel had said last week that it had received reports that its security patches were causing problems in systems with its older Broadwell and Haswell chips.
“We have now issued firmware updates for 90 percent of Intel CPUs introduced in the past five years, but we have more work to do,” he said. “As I noted in my blog post last week, while the firmware updates are effective at mitigating exposure to the security issues, customers have reported more frequent reboots on firmware updated systems.”
“As part of this, we have determined that similar behavior occurs on other products in some configurations, including Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms. We have reproduced these issues internally and are making progress toward identifying the root cause. In parallel, we will be providing beta microcode to vendors for validation by next week.”
The industry-wide processor vulnerabilities were discovered in early January, and straight away there was concern that the fix for the design flaw was likely to have a big impact on the performance of patched computers.
At first Intel did not deny that the fixes would have a performance impact, but downplayed talk of a slowdown despite expert warnings. Indeed Intel said that any downgrade in performance wouldn’t be noticeable to most users. Even still, the company is facing at least three class-action lawsuits.
CEO Brian Krzanich even used his keynote address at the Consumer Electronics Show (CES) in Las Vegas to assure customers that fixes were forthcoming, and the fixes duly arrived amid concern at their effectiveness and impact on other system components.
The Meltdown and Spectre exploits affect just about every single processor made over the past 20 years. Chips made by ARM manufacturers and AMD are also impacted.
Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.
Quiz: What do you know about Intel?