On Jan. 3 the company has confirmed that its chips were affected by the Meltdown and Spectre flaws, possibly allowing hackers reach information supposed to be very secure. As we continue these efforts, I would like to express my appreciation to many of our partners, including Dell, HPE, HPI, Lenovo and Microsoft, for joining our Security-First Pledge.
According to Intel, the security updates do protect the chips against the potential Meltdown and Spectre attacks, but once the firmware is updated, the machines with newer chips are rebooting more frequently.
"We have reproduced these issues internally and are making progress toward identifying the root cause", Shenoy wrote.
"The January 2018 Critical Patch Update provides fixes for certain Oracle products for the Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities", the vendor said.
Intel has recommitted to supporting customers as it addresses the Spectre and Meltdown exploits that came to light this month.
Navin Shenoy, Intel's EVP and GM of the datacenter group, has also released test data on the performance impact of the firmware updates on servers running its latest Skylake-based server Xeon Scalable systems.
In a news update which clarified that firmware updates have now been issued for 90% of Intel's processors introduced in the past five years, as planned, Intel restated that some customers have reported "more frequent reboots" on Haswell and Broadwell (4th and 5th-gen CPUs) powered PCs after the patch had been applied. Now, Intel has admitted that the firmware updates could cause the same problems on systems using newer processors.
Intel says workloads with more user/kernel privilege changes and which spend a lot of time in privileged mode are more adversely impacted. Another test that replicated online transactions at a stock brokerage disclosed a 4 percent slowdown. When CPU utilisation was low (100% read case), as is the case with common storage provisioning, there was an increase in CPU utilisation, but no throughput performance impact.
Intel issued the update as part of a broader update on the performance impact of the patches on data center workloads. More details on some of these options can be found in our white paper and in Google's post on their "Retpoline" security solution.