The news will apparently get worse before it gets any better for Intel, as the company updated their security recommendations for the Spectre/Meltdown patches for affected CPUs to address post-patch system restart issues. Specifically, Intel notes that issues may be introduced in some configurations with the current patches, though the company does not recommend discontinued use of such updates:
" Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations".
Image credit: HotHardware
The recommendation section of the security bulletin, updated yesterday (January 17, 2018), is reproduced below:
- Intel has made significant progress in our investigation into the customer reboot sightings that we confirmed publicly last week
- Intel has reproduced these issues internally and has developed a test method that allows us to do so in a predictable manner
- Initial sightings were reported on Broadwell and Haswell based platforms in some configurations. During due diligence we determined that similar behavior occurs on other products including Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake based platforms in some configurations
- We are working toward root cause
- While our root cause analysis continues, we will start making beta microcode updates available to OEMs, Cloud service providers, system manufacturers and Software vendors next week for internal evaluation purposes
- In all cases, the existing and any new beta microcode updates continue to provide protection against the exploit (CVE-2017-5715) also known as “Spectre Variant 2”
- Variants 1 (Spectre) and Variant 3 (Meltdown) continue to be mitigated through system software changes from operating system and virtual machine vendors
- As we gather feedback from our customers we will continue to provide updates that improve upon performance and usability
Intel recommendations to OEMs, Cloud service providers, system manufacturers and software vendors
- Intel recommends that these partners maintain availability of existing microcode updates already released to end users. Intel does not recommend pulling back any updates already made available to end users
- NEW – Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations
- NEW – We further recommend that OEMs, Cloud service providers, system manufacturers and software vendors begin evaluation of Intel beta microcode update releases in anticipation of definitive root cause and subsequent production releases suitable for end users
Intel recommendations to end users
- Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied
- For PCs and Data Center infrastructure, Intel recommends that patches be applied as soon as they are available from your system manufacturer, and software vendors
- For data center infrastructure, Intel additionally recommends that IT administrators evaluate potential impacts from the reboot issue and make decisions based on the security profile of the infrastructure
Intel has worked with operating system vendors, equipment manufacturers, and other ecosystem partners to develop software updates that can help protect systems from these methods. End users and systems administrators should check with their operating system vendors and apply any available updates as soon as practical.
The full list of affected processors from Intel's security bulletin follows:
- Intel® Core™ i3 processor (45nm and 32nm)
- Intel® Core™ i5 processor (45nm and 32nm)
- Intel® Core™ i7 processor (45nm and 32nm)
- Intel® Core™ M processor family (45nm and 32nm)
- 2nd generation Intel® Core™ processors
- 3rd generation Intel® Core™ processors
- 4th generation Intel® Core™ processors
- 5th generation Intel® Core™ processors
- 6th generation Intel® Core™ processors
- 7th generation Intel® Core™ processors
- 8th generation Intel® Core™ processors
- Intel® Core™ X-series Processor Family for Intel® X99 platforms
- Intel® Core™ X-series Processor Family for Intel® X299 platforms
- Intel® Xeon® processor 3400 series
- Intel® Xeon® processor 3600 series
- Intel® Xeon® processor 5500 series
- Intel® Xeon® processor 5600 series
- Intel® Xeon® processor 6500 series
- Intel® Xeon® processor 7500 series
- Intel® Xeon® Processor E3 Family
- Intel® Xeon® Processor E3 v2 Family
- Intel® Xeon® Processor E3 v3 Family
- Intel® Xeon® Processor E3 v4 Family
- Intel® Xeon® Processor E3 v5 Family
- Intel® Xeon® Processor E3 v6 Family
- Intel® Xeon® Processor E5 Family
- Intel® Xeon® Processor E5 v2 Family
- Intel® Xeon® Processor E5 v3 Family
- Intel® Xeon® Processor E5 v4 Family
- Intel® Xeon® Processor E7 Family
- Intel® Xeon® Processor E7 v2 Family
- Intel® Xeon® Processor E7 v3 Family
- Intel® Xeon® Processor E7 v4 Family
- Intel® Xeon® Processor Scalable Family
- Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
- Intel® Atom™ Processor C Series
- Intel® Atom™ Processor E Series
- Intel® Atom™ Processor A Series
- Intel® Atom™ Processor x3 Series
- Intel® Atom™ Processor Z Series
- Intel® Celeron® Processor J Series
- Intel® Celeron® Processor N Series
- Intel® Pentium® Processor J Series
- Intel® Pentium® Processor N Series
We await further updates and developments from Intel, system integrators, and motherboard partners.
I guess that makes gen 9 up
I guess that makes gen 9 up to 25% faster than gen 8?
Major architectural changes
Major architectural changes will not be seen for roughly 3-4 years. Gen 9’s designs should be done before it was even found.
Glad I didn’t bother patching
Glad I didn’t bother patching my PC now.
Might be easier if they just
Might be easier if they just list the non-affected processors.
Maybe not enough man power or
Maybe not enough man power or scared it might backfire
Thanks for the updates
Thanks for the updates Sebastian! Would be interested to hear when other vendors issue a statement.
My Gigabyte Z170 Gaming 7 is passing 3d Mark stress tests with flying colors. But Wolfenstein 2 has very random hard freeze and then reboot.
Unclear if related.
I’ll let you know if my 8
I’ll let you know if my 8 year old i7 980xe at 4.3ghz with 1080ti ftw3 at 3440 x1440 max settings with dsr @ 100hz gsync has that problem with Wolfenstein 2, I’m in the middle of the single player campaign.
Even though different CPU generations older generations will likely suffer more although the extra cores might help.
With updated windows 10 and
With updated windows 10 and no new bios update and current drivers Wolfenstein 2 still running buttery smooth. Nothing out of the ordinary.