Security

New Spectre fix from Intel will protect these recent PCs and servers

New firmware will help protect systems running on sixth-, seventh- and eighth-generation Intel Core processors against attacks exploiting modern CPU flaws.

Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Spectre and Meltdown are vulnerabilities in modern chip design that could allow attackers to bypass system protections on nearly every recent PC, server and smartphone
  • Intel's new firmware will help protect systems running on sixth-, seventh- and eighth-generation Intel Core processors against Spectre variant 2 attacks.

Intel has released a patch for newer processors to guard against the Spectre CPU flaw, replacing an earlier update that caused PCs to randomly reboot.

The new firmware will help protect systems running on sixth-, seventh- and eighth-generation Intel Core processors against Spectre variant 2 attacks. These processors can be found in Intel Core PCs made from 2015 through to 2018 and go under the codenames of Kaby Lake, Coffee Lake, and Skylake.

Spectre and Meltdown are vulnerabilities in modern chip design that could allow attackers to bypass system protections on nearly every recent PC, server and smartphone — allowing hackers to read sensitive information, such as passwords, from memory.

SEE: Information security incident reporting policy (Tech Pro Research)

The initial update that Intel released to mitigate against Spectre variant 2 attacks was withdrawn after it triggered unwanted reboots on a range of PCs and servers.

Navin Shenoy, Intel executive vice president and general manager of its data center group, offered a reassurance that these latest patches are only being rolled out following "extensive testing by customers and industry partners to ensure the updated versions are ready for production".

In most cases, the new patch will be made available via firmware updates from PC and server manufacturers. Shenoy also highlighted Retpoline, a Google-developed mitigation technique for variant 2 attacks, which Google says mitigates attacks without a significant hit on performance.

Intel has said it also intends to release new Spectre variant 2 firmware for older processors, for example, Intel Core processors from the Haswell and Broadwell generation.

Intel is not the only company to have issued patches against Spectre and Meltdown that have caused instability and performance issues on PCs and servers.

Last month, Microsoft warned that Windows PCs wouldn't receive any further security updates until third-party AV software is verified as compatible with the Spectre and Meltdown patches released for Windows.

Microsoft and chipmaker AMD also worked together to fix problems after the patches caused computers running on some older AMD Opteron, Athlon, and AMD Turion X2 Ultra processors to hang when booting.

Earlier this month, Microsoft released a new dashboard for its Windows Analytics service, which it said is designed to help IT admins understand which patches they should and shouldn't install on their IT estate.

You can find a list of Intel processors and the recommended patches for each here.

Patching against Spectre variant 2 attacks has proven to be particularly difficult, due to the way they exploit a fundamental feature of modern CPUs, specifically their use of branch prediction and speculative execution to accelerate the rate at which they operate, and new variants of Meltdown and Spectre exploits are still being discovered.

Also see

spctremeltdown.jpg
Image: iStockphoto/cherezoff

About Nick Heath

Nick Heath is chief reporter for TechRepublic. He writes about the technology that IT decision makers need to know about, and the latest happenings in the European tech scene.

Editor's Picks

Free Newsletters, In your Inbox