Intel put a stop request in for everyone to stop deploying Spectre updates for the time being.
In a case where the update may be worse than the problem, Intel wants to make sure everything is in working order before any fixes come into play.
The call came out after Red Hat stopped providing microcode to address variant 2 (branch target injection) of the attack.
Then the chip giant advised OEMs, cloud service providers, system manufacturers, software vendors and end users to stop deployment of current firmware updates that fix the same vulnerability.
“Red Hat is no longer providing microcode to address Spectre, variant 2, due to instabilities introduced that are causing customer systems to not boot. The latest microcode_ctl and linux-firmware packages are reverting these unstable microprocessor firmware changes to versions that were known to be stable and well tested, released prior to the Spectre/Meltdown embargo lift date on Jan 3rd,” Red Hat said last week.
The microcode Red Hat stopped providing is not of their making. These patches are provided and developed by CPU makers (Intel, AMD, Arm, etc.).
“The microcode that was supplied to us did not cover all of the microprocessors that our customers possibly could use. It appears, subsequently, there may have been two versions that could have some regressions,” Christopher Robinson, product security manager at Red Hat, said in a published report.
Intel instructed all customers to hold off on deploying current versions of the firmware updates, “as they may introduce higher than expected reboots and other unpredictable system behavior.”
“We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it. Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed,” said Navin Shenoy, Intel vice president and general manager of the Data Center Group at Intel Corporation in a post.
He asked industry partners to focus efforts on testing early versions of the updated solution so Intel can accelerate its release.