Linked by Thom Holwerda on Mon 29th Jan 2018 23:17 UTC

Microsoft has released an update that disables Intel's microcode Spectre mitigations.

Intel has reported issues with recently released microcode meant to address Spectre variant 2 (CVE 2017-5715 Branch Target Injection) - specifically Intel noted that this microcode can cause "higher than expected reboots and other unpredictable system behavior" and then noted that situations like this may result in "data loss or corruption". Our own experience is that system instability can in some circumstances cause data loss or corruption. On January 22, Intel recommended that customers stop deploying the current microcode version on affected processors while they perform additional testing on the updated solution. We understand that Intel is continuing to investigate the potential effect of the current microcode version, and we encourage customers to review their guidance on an ongoing basis to inform their decisions.

This whole thing is a mess.

Permalink for comment 653339
To read all comments associated with this story, please click here.
by project_2501 on Tue 30th Jan 2018 12:26 UTC
Member since:

Just wait to IME starts to show vulnerabilities...

.. its way more complex (harder to understand and get right).. and the exploits will be extremely difficult to even detect... Because the Intel IME is designed like a spyware platform.

You ain't seen nuffin'yet.

Reply Score: 1