Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intel Replaces its Buggy Fix for Skylake PCs (zdnet.com)

Posted by msmash on from the better-late-than-ever dept.

Intel has released new microcode to address the stability and reboot issues on systems after installing its initial mitigations for Variant 2 of the Meltdown and Spectre attacks. From a report: The stability issues caused by Intel's microcode updates resulted in Lenovo, HP, and Dell halting their deployment of BIOS updates last month as Intel worked to resolve the problems. Intel initially said unexpected reboots were only seen on Broadwell and Haswell chips, but later admitted newer Skylake architecture chips were also affected. Microsoft also said it had also seen Intel's updates cause data loss or corruption in some cases.

9 of 57 comments (clear)

  1. So wait a minute... by ckatko · · Score: 5, Funny

    ...Intel releases a fix to fix the fix that fixed what it was supposed to fix, but broke more stuff.

    Is that right?

    1. Re:So wait a minute... by jwhyche · · Score: 4, Informative

      Sounds spot on.

      --
      I read at +2. If your post doesn't reach that level I will not see or respond to it.
  2. Cure is worse than the disease by JoeyRox · · Score: 5, Interesting

    It seems to me the best way for Intel to pevent Meltdown exploits is by disabling Intel's TSX functionality (which I believe microcode can do), along with OS logic to terminate processes which generate an excessive number of protection exceptions for the same portion of code. The TSX change will force an exploit to throw exceptions for the indirect-memory access loop that probes for data values, and the OS change will then identify processes incurring these repeated exceptions inside a single block of code and then terminating it.

    1. Re:Cure is worse than the disease by cfalcon · · Score: 3, Interesting

      > is by disabling Intel's TSX functionality

      fucking AGAIN? Really????

      > (which I believe microcode can do)

      Yes, it can definitely disable TSX functionality. Like when TSX launched with Haswell, but it was fucked up, so they disabled it with microcode.
      Or when they fixed the Haswell problem and launched it with Broadwell, but it was fucked up, so they disabled with microcode.
      Skylake, of course, fixed the Broadewell problem...

      But now you're saying that TSX is the issue again? And that it needs to be disabled AGAIN? How many fucking chip generations do we have to go through before transactional fucking memory doesn't get patched out because OOPS it crashes the box or OOPS it gives double-super-ultra-root to enemy spies?

      Are you SURE that TSX is the issue? I didn't see anything in the article about TSX being the problem, but I'm not really read up on this.

    2. Re:Cure is worse than the disease by JoeyRox · · Score: 2

      Are you SURE that TSX is the issue? I didn't see anything in the article about TSX being the problem, but I'm not really read up on this.

      TSX is what allows a Meltdown exploit to do its indirect probing of kernel space without generating exceptions the OS can detect. This allows it to execute much faster, and also avoid detection if the OS added the type of logic I suggested in my post.

  3. Re:Thank you Intel by Opportunist · · Score: 3, Funny

    Well, at least your computer is now fixed the same way our dog is.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. Re:Exploited thru JavaScript by Anonymous Coward · · Score: 2, Informative

    No. JavaScript is a programming language, and can a browser's JavaScript can exploit a PC/Mac/Linux machine, just like any other executable. Firefox has recently issued a fix to partially mitigate of these attacks. I've heard that the hackers are seeking technical blogs on WordPress and other easily hacked CMSs, just so they can install coin mining and other more nefarious JS hacks. I've heard of at least one JS hack that uses Spectre to scan a target devices memory.

    TL;DR Browsers are just as vulnerable to Spectre and Meltdown as executable code. Visiting untrusted sites is almost on the same level as running random executables from the internet.

  5. Re:Thank you Intel by jwhyche · · Score: 4, Funny

    Well, at least your computer is now fixed the same way our dog is

    Speaking of. Have you ever noticed the difference between getting a dog and a cat fixed. A dog will wake up, go to lick its balls, and think "hey something is missing." But once you get them to the park with a ball, all if forgiven.

    Cats on the other, hand will sit across from you, staring at you going "where are they?"

    I think this fix is going to be something like a cat. It will just haunt you and haunt you....

    --
    I read at +2. If your post doesn't reach that level I will not see or respond to it.
  6. a hardware mod would be cool by FudRucker · · Score: 3, Funny

    find out if you can grind down a couple of pins on the CPU and the feature that became a vulnerable bug is just taken permanently out of the picture without ever needing a firmware/software fix

    --
    Politics is Treachery, Religion is Brainwashing