Google claims to have a Spectre fix that doesn't slow down PCs

Adjust Comment Print

Reports of a bug in the firmware updates aimed at mitigating these issues, rolled out a week ago, are now causing the company to recommend some of its bigger customers and OEM partners to delay installing the latest patches.

Earlier on Thursday, the Wall Street Journal that Intel was asking cloud computing customers to hold off installing patches that address new security flaws that affect almost all of its processors because the patches have bugs of their own. However, the Meltdown and Spectre patches have reportedly slowed down the performance of systems.

Customers have complained to the company about a higher than usual level of system reboots following installation of the patches.

Yesterday, Intel CEO Brian Krzanich released a statement reiterating his company's attempts to fix the flaw.

Considering the scope and impact of Meltdown and Spectre, we expect we'll be talking about about the exploits and mitigation measures for a while.

With this fresh awakening of hardware security realities, Infosecurity will take a closer look at the story behind the vulnerabilities and how patches can be applied. The second Variant, which again is part of Spectre, proved much more hard to patch, as Google was specifically trying to avoid a hit to performance. This affects not just those using client-based Broadwell or Haswell processors but data centers as well. "If this requires a revised firmware update from Intel, we will distribute that update through the normal channels".

"We are working closely with them to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week", Papermaster wrote".

Meltdown is a vulnerability which could be exploited by hackers to extract sensitive information as it basically "melts" the hardware-enforced security barrier between applications run by users and the computer's core memory.