Building a slide deck, pitch, or presentation? Here are the big takeaways:
- Intel has released new patches for Haswell and Broadwell chipsets, fixing reboot flaws that plagued the previous fixes for the older model processors.
- As a reminder, Spectre and Meltdown affect nearly every modern computer, including mobile devices like iPhones. IT teams need to be ready to install the latest patches as soon as they're released, and extra precautions need to be taken to protect machines with processors that Intel hasn't patched yet.
Patches for Intel chips vulnerable to Spectre and Meltdown have been rolling out since the flaw was discovered in early January, 2018, and Intel has just announced patches for Broadwell and Haswell-family chipsets.
As our sister site ZDNet points out, the fixes for Broadwell and Haswell chips specifically addresses variant two of the three Meltdown and Spectre flaws and isn't the first patch to be released for the older-generation Intel chips.
Haswell and Broadwell chips, released in 2013 and 2014, respectively, were some of the most heavily hit by patch flaws that caused random reboots. This latest release is designed to fix those problems.
Spectre and Meltdown are the names for two separate flaws in Intel chip designs that allow a potential attacker to steal data from a processor's cache either by manipulating what it loads (Spectre) or a privilege escalation attack (Meltdown).
In both cases, the result of the attack is the compromise of sensitive data. What's worse, the flaws are due to actual hardware design, making software patches simply a bandaid until next generation chips roll out with a new design that prevents them from being exploited.
Spectre/Meltdown affects most everyone
This latest round of updates to older Intel chips should serve as a reminder to anyone with an Intel, Arm, or Apple computer that Spectre and Meltdown affects them.
While many newer chips have been patched, older hardware is still being fixed. These latest fixes target several different Haswell and Broadwell models, but as ZDNet points out, numerous there are several chipset fixes are still in beta testing or development: Sandy Bridge and Ivy Bridge fixes are only available to testers, as are Skylake Xeon E3 patches. Anyone running chips from those Intel families needs to be extra careful, as their machines could still be attacked.
SEE: Incident response policy (Tech Pro Research)
Spectre/Meltdown variant one couldwas able to be patched at the operating system level, but the particular problem addressed by the latest Intel updates targets variant two, which has to be fixed by a firmware update from Intel.
Those unsure of how to protect their computer from Spectre and Meltdown should refer to Intel's page on the flaws, which includes resources for installing patches and updates.
- IT pro's guide to effective patch management (free PDF) (TechRepublic)
- Meltdown-Spectre: Now the class action suits against Intel are starting to mount up (ZDNet)
- Intel chip vulnerabilities put millions of devices at risk of total takeover (TechRepublic)
- Intel names new technology chief amid Meltdown-Spectre fallout (ZDNet)
- Intel: Don't install our Spectre fix, risk of unwanted reboots is too great (TechRepublic)
Brandon Vigliarolo has nothing to disclose. He does not hold investments in the technology companies he covers.
Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.