Intel announced that it has made progress in correcting the issue causing random reboots in the fix for the Spectre vulnerability that it issued to hardware partners earlier.
The news from Intel that the CPU microcode update it issued to patch the Spectre vulnerability was inducing random system reboots just made the Meltdown/Spectre issue go from bad to worse. Intel first announced that the issue affected Haswell and Broadwell systems, but later expanded the list to include Kaby Lake, Skylake, Ivy Bridge, and Sandy Bridge. The issue was discovered after a huge number of hardware partners had already issued the fix to their customers, leaving some stuck with the issue.
When the issue first surfaced, Intel advised hardware partners to stop issuing updates for unpatched devices, but not to recall the updates they had already issued. Intel’s reasoning for this was that the updates still provided protection against the Spectre variant 2 vulnerability.
Intel says that it has root-caused the issue on Haswell and Broadwell systems and that it has already issued a version of the fix to hardware partners, which are currently testing it. Intel’s official advisory to hardware partners hasn’t changed: Don’t issue any more of the bugged update and start testing the new one. However, Intel says it is also working to create a new version of its original update that removes Spectre variant 2-related fixes, but maintains Spectre variant 1 and Meltdown fixes. This new update will be made available for the interim period.
The announcement of the alternative update doesn’t inspire confidence that this reboot issue will be fixed shortly. It may be that Haswell and Broadwell fixes will arrive soon, but that the other processors will take longer to fix. It might also mean, though, that Intel doesn’t expect any fix to hit customers in short order. Intel has only said that more details regarding the timing of the Haswell/Broadwell fix would be arriving later this week.
The nature of the reboots, as well as what Intel’s original fix patched specifically, was always unclear, but the alternative fix brings even more confusion. First of all, while the original announcement only made reference to reboots (not crashes), the new announcement also mentions “other unpredictable system behavior.” Second, we now know that Intel’s fix does include changes for all three Meltdown/Spectre vulnerabilities. We had previously understood that Spectre variant 1 and Meltdown were fixed by software changes, but Intel might have made additional changes to optimize the performance impact.
We’ve contacted Intel to clarify what “other unpredictable system behavior” is caused by the original fix.