Intel has released new firmware to protect against the Spectre CPU flaw after the original patch caused computers to randomly reboot.
The firmware update will be applied to PCs and servers with Intel Skylake processors and will be tested by PC makers and large tech firms before being rolled out to the general public.
Intel says it will also release updated firmware for its older processors — with the Haswell and Broadwell architecture — in the coming days.
The original firmware released by Intel to mitigate attacks exploiting variant 2 of the Spectre CPU flaw was withdrawn after increasing the risk of PCs and servers suffering unwanted reboots.
Spectre and Meltdown are vulnerabilities in modern chip design that could allow attackers to bypass system protections on nearly every recent PC, server and smartphone—allowing hackers to read sensitive information, such as passwords, from memory.
SEE: Incident response policy (Tech Pro Research)
Despite the problems the earlier firmware updates caused, Navin Shenoy, executive vice president and general manager of the data center group at Intel, said it is important for firms to install the new patches as soon as possible.
"I can't emphasize enough how critical it is for everyone to always keep their systems up-to-date," he said.
In the hurry to issue patches there have been multiple instances of Spectre- and Meltdown-related updates causing instability and performance issues in computers.
Last month, Microsoft warned that Windows PCs wouldn't receive any further security updates until third-party AV software is verified as compatible with the Spectre and Meltdown patches released for Windows.
Microsoft and chipmaker AMD also worked together to fix problems after the patches caused computers running on some older AMD Opteron, Athlon and AMD Turion X2 Ultra processors to hang when booting.
Intel is working on a new design for its processors to mitigate the threat posed by the Spectre and Meltdown vulnerabilities, according to CEO Brian Krzanich, as is AMD to reduce the risk from Spectre.
However, the extent to which AMD and Intel will be able to eliminate these vulnerabilities from future processors is less clear, especially in the case of the Spectre vulnerability, which exploits a fundamental feature of modern CPUs.
- Intel: Don't install our Spectre fix, risk of unwanted reboots is too great (TechRepublic)
- Intel chips have critical design flaw, and fixing it will slow Linux, Mac, and Windows systems (TechRepublic)
- 26% of organizations haven't yet received Windows Meltdown and Spectre patches (TechRepublic)
- Meltdown-Spectre: More businesses warned off patching over stability issues (ZDNet)
- Intel halts some chip patches as the fixes cause problems (CNET)
- Spectre flaw: Dell and HP pull Intel's buggy patch, new BIOS updates coming (ZDNet)
- Spectre-Meltdown glitches: Intel warns that new PCs, servers also risk unexpected reboots (TechRepublic)
- This fake Spectre/Meltdown patch will infect your PC with malware (TechRepublic)
- Spectre and Meltdown: Insecurity at the heart of modern CPU design (ZDNet)
- How to protect yourself from Meltdown and Spectre CPU flaws (CNET)
Nick Heath is chief reporter for TechRepublic. He writes about the technology that IT decision makers need to know about, and the latest happenings in the European tech scene.