The firmware patches designed to protect Intel processors against nasty Spectre CPU exploits have a big downside: They’re forcing more frequent reboots and other performance issues on some systems, including PCs that released in 2017. The problem is severe enough that Intel is now recommending that users not install currently available patches and instead wait for new ones to be released.
“We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it,” Intel executive vice president Navin Shenoy said in a January 22 post. “We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior.”
The advice reverses Intel’s previous guidance, which said users should install the CPU firmware patches despite the risk of more frequent system reboots. Although Shenoy’s post only explicitly mentions Broadwell and Haswell chips, Intel’s new microcode revision guidance states that the advice applies to more modern chips as well.
On January 11, Intel confirmed that the firmware patches prompted more frequent reboots in Haswell (2013) and Broadwell (2014) systems. A week later, Intel revealed that many other processor generations also succumb to the reboot bug: Sandy Bridge (2011), Ivy Bridge (2012), Skylake (2015), and Kaby Lake (2017). The January 22 microcode revision guidance says current 8th-gen “Coffee Lake” CPUs are also affected by the issue.
“Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed,” Shenoy says.
Keep an eye out for those new firmware updates, which will come from your PC hardware vendor (HP, Dell, Asus, et cetera) rather than Intel itself. Spectre attacks haven’t been observed in the wild, but now that the exploits have been published, they’re no doubt coming. AMD says its processors face “near-zero” risk from the Spectre variant that requires a microcode update, but it is nevertheless releasing optional firmware updates for its chips.
Attackers need to be able to run code on your PC to exploit the CPU flaws. Staying strong on the security front can keep malware that gives hackers access to your PC off your PC. PCWorld’s review of the best antivirus suites can help you find solid protection. But guarding against these exploits requires more than security software and fresh firmware. These flaws touch every aspect of your computer. Check out PCWorld’s guide on how to protect your PC against Meltdown and Spectre for everything you need to know.
Editor’s note: This article originally published on January 18, 2017, when Intel admitted the issue affects more than just Broadwell and Haswell chips. It was updated on January 22 when Intel advised users to stop installing the first set of CPU firmware patches.