Intel promises transparency as Meltdown patch causes reboot problems with Broadwell and Haswell chips
Intel CEO Brian Krzanich has written an open letter to the technology community addressing the fallout from the Meltdown and Spectre vulnerability revelations. In it he promises transparency from the company and reiterates a previous promise that patches will be made available for the majority of processors by next week.
The letter comes as users of systems with Broadwell and Haswell chips report problems with increased reboots.
- Intel releases benchmark results detailing Meltdown patch performance slowdown
- Microsoft and Intel reveal just how much Meltdown and Spectre patches slow PCs
- Microsoft pausing the rollout of Spectre and Meltdown patches to AMD systems
- Microsoft releases PowerShell script to check if your PC is vulnerable to Meltdown and Spectre
Krzanich uses his letter to thank Google's Project Zero for identifying the Meltdown and Spectre problems, and also for practicing responsible disclosure. He uses the letter to set out a series of promises which he describes as "Intel's commitments to our customers."
He makes three pledges:
- Customer-First Urgency: By Jan. 15, we will have issued updates for at least 90 percent of Intel CPUs introduced in the past five years, with updates for the remainder of these CPUs available by the end of January. We will then focus on issuing updates for older products as prioritized by our customers.
- Transparent and Timely Communications: As we roll out software and firmware patches, we are learning a great deal. We know that impact on performance varies widely, based on the specific workload, platform configuration and mitigation technique. We commit to provide frequent progress reports of patch progress, performance data and other information. These can be found at the Intel.com website.
- Ongoing Security Assurance: Our customers' security is an ongoing priority, not a one-time event. To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks. We also commit to adding incremental funding for academic and independent research into potential security threats.
In a separate post, Intel's Navin Shenoy acknowledges problems caused by installing the patches designed to fix Spectre and Meltdown. He says:
We have received reports from a few customers of higher system reboots after applying firmware updates. Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center. We are working quickly with these customers to understand, diagnose and address this reboot issue. If this requires a revised firmware update from Intel, we will distribute that update through the normal channels. We are also working directly with data center customers to discuss the issue.
He says that users should continue to apply any updates that are made available for their systems.