Intel released a new update on the state of the Meltdown and Spectre patches that reveals the reboot errors that it previously disclosed, which plague Broadwell and Haswell systems, but also impact Kaby Lake, Skylake, Ivy Bridge, and Sandy Bridge processors.
Here is Intel's statement on the reboot issues in full:
We have now issued firmware updates for 90 percent of Intel CPUs introduced in the past five years, but we have more work to do. As I noted in my blog post last week, while the firmware updates are effective at mitigating exposure to the security issues, customers have reported more frequent reboots on firmware updated systems.
As part of this, we have determined that similar behavior occurs on other products in some configurations, including Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms. We have reproduced these issues internally and are making progress toward identifying the root cause. In parallel, we will be providing beta microcode to vendors for validation by next week.
For those customers looking for additional guidance, we have provided more information on this Intel.com Security Center site. I will also continue to provide regular updates on the status.
Intel issued the update as part of a broader update on the performance impact of the patches on data center workloads. The rolling nature of the updates, and the early teething pains highlight that the patches for the vulnerabilities are still very much in their infancy. That means that the performance impact is far from a settled matter.
The buggy firmware updates were distributed to motherboard vendors as part of a BIOS update. Many of the vendors, such as MSI, ASUS, and Gigabyte, have issued press releases announcing the new BIOS revisions this week, but for now, it might not be wise to update to those versions. Users that haven't installed the latest BIOS are not affected, and Intel says that new patches will enter the validation phase early next week.
There are currently no known exploits being used in the wild for these vulnerabilities, so most users should be fine waiting for the update, but each user will have to make that decision based on their potential exposure. In related news, Microsoft pushed a patch yesterday that corrects some of the issues with AMD processors.
The unexpected reboots with Intel systems could be a huge problem in the mission-critical applications, such as in the data center, so it appears that Intel's woes are only intensifying.