Dell and HP purge Intel’s Spetcre patch over reboot woes

Dell and HP have removed their respective BIOS updates carrying Intel’s microcode patches. 

The two computer giants purged current BIOS updates from their websites on Tuesday in response to Intel’s Monday advice for system makers to stop deploying it’s microcode patch because it caused unexpected reboots and other unpredictable behavior. 

The patch, delivered as a BIOS updates from hardware makers, causes stability issues on Intel’s Broadwell, Haswell, Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake processors. Intel has released an early fix for Broadwell and Haswell chips, which are currently being tested by partners, and plans to release fixes for newer chips soon. 

In the meantime, it’s given hardware makers like Dell and HP the option of using an earlier microcode patch that doesn’t cause reboots but also doesn’t include its mitigation for Variant 2 Spectre, a "branch target injection" attack. 

Intel's microcode patch introduces IBRS or Indirect Branch Restricted Speculation and others mitigations, which Linux kernel founder Linus Torvalds this week has called "utter garbage" due to the performance overhead IBRS causes on current hardware. Google has developed an alternative fix for Variant 2 called Retpoline, which doesn't cause the same performance impact.  

Dell’s new advisory also tells customers stop deploying its BIOS update for Variant 2. It’s encouraging PowerEdge Server and Dell Datacenter Scalable Solutions customers who’ve already deployed it to roll back to a previous BIOS update if they’re concerned about stability. 

“Dell is advising that all customers should not deploy the BIOS update for the Spectre (Variant 2) vulnerability at this time. We have removed the impacted BIOS updates from our support pages and are working with Intel on a new BIOS update that will include new microcode from Intel,” it says. 

HP likewise has removed its softpaqs BIOS updates with Intel microcode patches from its website. HP will reissue its BIOS softpaqs with Intel’s older microcode patch — that is, without Variant 2 mitigations — on January 25. HP will then issue revised softpaq updates once Intel has fixed the issue and reissued new microcode to HP.    

Lenovo notes on its Meltdown and Spectre support page that it has withdrawn Intel patches, which are included in its UEFI or BIOS updates, from numerous desktop, laptop and server products. The halted patches affect PCs running Kaby Lake, Broadwell and Haswell chips. The pulled patches for its enterprise systems cover data centre equipment running Broadwell and Haswell chips. 

The halt on Intel's microcode patches doesn't apply to patches for Variant 1 (Spectre) and Variant 3 (Meltdown), which require fixes from operating system vendors.  

Intel was aiming to have delivered firmware patches to all CPUs made in the past five years by the end of January, and earlier this month claimed it had patched 90 percent of these CPUs. Intel hasn't clarified yet when it will reissue revised firmware patches, but has said the fixes for Broadwell and Haswell chips will help it deliver fixes for newer chips.    

Join the newsletter!

Or
Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags HPintelDellcyber securitymeltdownspectre

More about DellGoogleHPIBRSIntelLakeLenovoLinux

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

More videos

Blog Posts