Intel Corp has asked computer makers to stop rolling out a set of faulty patches it issued to fix security flaws in its chips and instead start testing an updated version.
The company said on Monday that it wanted computer manufacturers and data center owners to stop using the current fixes for the so-called Meltdown and Spectre security flaws.
These flaws can let hackers steal sensitive information from computers made with its processors.
Intel has asked computer makers to stop rolling out a set of faulty patches it issued to fix security flaws in its chips and instead start testing an updated version. The company said it wanted computer manufacturers and data center owners to stop using the current fixes
The patches, which the company spent months crafting, cause computers to reboot more often than normal.
Instead, Intel asked customers to start testing an updated version of its patches that it began sending out on Saturday and Sunday.
Intel also said it had identified the root cause of the reboot problem in its older Broadwell and Haswell processors.
According to general manager of Intel’s data center group, Navin Shenoy, the firm has ‘made good progress in developing a solution to address it.’
The security fixes could cause computers using its older Haswell and Broadwell processors, produced in 2013 and 2014, to reboot more often than normal (stock image)
‘Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed,’ Shenoy wrote in an update about the issue on the company’s website.
‘We ask that our industry partners focus efforts on testing early versions of the updated solution so we can accelerate its release,’ Shenoy continued.
‘I apologize for any disruption this change in guidance may cause.’
On Jan. 3 Intel confirmed that Spectre and Meltdown affected its chips.
MELTDOWN AND SPECTRE
Security researchers at Google’s Project Zero computer security analysis team, in conjunction with academic and industry researchers from several countries, exposed the two flaws in January.
Meltdown, which is specific to Intel chips, lets hackers bypass the hardware barrier between applications run by users and the computer’s memory, potentially letting hackers read a computer’s memory.
It was first discovered by Project Zero in June last year, when expert Jann Horn found that passwords, encryption keys, and sensitive information open in applications that should have been protected could be accessed.
Details emerged about two massive security flaws which put billions of people worldwide at risk of being hacked. Meltdown and Spectre could let cyber criminals steal data from nearly every computing device containing chips from Intel, AMD and Arm
A second bug, called Spectre, affects chips from Intel, AMD and Arm.
This lets hackers potentially trick otherwise error-free applications into giving up secret information.
Project Zero disclosed the Meltdown vulnerability not long after Intel said it’s working to patch it.
Intel says the average computer user won’t experience significant slowdowns as it’s fixed.
Meltdown was specific to chips from Intel, as well as one from Softbank Group Corp’s ARM Holdings.
Spectre affected nearly every modern computing device, including those with chips from those companies and Advanced Micro Devices Inc .
As Intel began to roll out patches for the flaws, problems cropped up.
On Jan. 11, Intel acknowledged that the patches were causing higher reboot rates in its older chips.
Last week, Intel said the problem also affected its most recent Ivy Bridge, Sandy Bridge, Skylake and Kaby Lake processors.