Intel Admits Flaws in Its Patches for Meltdown and Spectre Also Involve Newer Chips

Intel has been putting out fires for the last couple of weeks, explaining to its data center clients the reasons behind the higher reboot rates for its processors they have been experiencing, which are in large part caused by Meltdown and Spectre security issues.

Patches addressing security flaws identified by the company will affect the Sandy Bridge, Sky Lake, Ivy Bridge, and Kaby Lake processors specifically, according to an official statement from Intel General Manager of the Data Centre Group, Navin Shenoy. Among the group of 4, Kaby Lake chips are the newest that were developed by the company, although the company confirmed that it had also received reports about problematic patches even from its older Haswell and Broadwell chips. This means that the problem may be bigger than Intel had originally anticipated.

The issue began on January 3rd with a stern announcement from Intel that it and other tech companies had been “made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed,” exposing its customers to potential hackers.

Beyond updates and other efforts to reassure its customers, to address the problem, the company did promise that the first versions of repairs for the faulty patches would be sent out as soon as early next week. “We have reproduced these issues internally and are making progress toward identifying the root cause,” Shenoy shared in a statement.

In terms of the Spectre flaw, the company confirmed that a broad range of modern computing devices, including those with Intel, ARM Holdings, and Advanced Micro Devices Inc (AMD.O) linked-chips would also be affected. On Wednesday, Intel attempted to quantify the impact that the faulty patches would have on data center customers:

• For running website servers, Intel reported a slowdown of only 2 percent.

• A separate test designed to simulate online transactions that would be carried out at a stock brokerage revealed a 4 percent slowdown.

• For servers carrying out work that involves more significant amounts of data storage—with the need to access and retrieve the data quickly—Intel estimated a slowdown ranging from 18 percent to 25 percent. The company did not specifically cite, however, the frequency of these types of incidents.

[see-also]

It’s often difficult for tech giants to find the balance in this area: they need to pursue a proactive plan of investigating complaints and deciding on a course of full and complete disclosure, often within hours of receiving complaints. After all, when Shenoy was providing details behind why there seemed to be a problem with patches linked to 90 percent of Intel chips in the past 5 years, he said that Intel simply had “more work to do.” It’s difficult to say whether his intention was to be vague, or to offer a completely honest answer based on the information at hand.

In our global market that grows increasingly more customer-oriented, phrases like We’re working on it or We’ll get back to you do not seem to be enough: in some ways in the past two decades the customer base that companies cultivate place customer service and satisfaction on the same footing with product integrity. Collectively, we’ve grown more impatient than ever in seeking solutions to various tech problems that arise, from the routine to the extraordinary.

Between expectations for perfect customer care and perfect product offerings, something will have to give.