Kioxia Exceria 1TB M.2 NVMe SSD review
Samsung 870 QVO 2TB SSD review
Guru3D Rig of the Month - June 2020
ASUS ROG Strix Z490-E Gaming review
MSI MEG Z490 Godlike review
TeamGroup Cardea Zero Z340 M.2 NVMe review
AMD Ryzen RAM scaling - performance effect in games
Elgato WAVE:3 review
Gigabyte B550i Aorus PRO AX review
ASUS STRIX B550-F Gaming review
Intel Has to Delay Patches for new Spectre-NG Vulnerabilities
Last week we reported about Spectre-NG, eight new vulnerabilities similar to Spectre, of which four tagged as critical have been detected. Intel would have been working behind scenes on patching the new vulnerabilities, as it now seems it will take at least another two weeks before Intel can release the initial patches.
The news is reported today by Heise in Germany and is based on sources that are familiar with Intel's patch plans. From the looks of it, Intel is not capable of finishing up the patches before the disclosure publication date of what the new vulnerabilities mean and are. Up-to-now, any and all technical information on the Spectre-NG variants are disclosed. Likely all detected and to be published by Google Project Zero.
Intel set a new target for initial patches and firmware updates at the 21st of May, however also indicated they might not make that date and if so, requested technical disclosure until July 10th 2018. New microcode updates are due to be released on this date. At the same time, technical information on the nature of at least two of the Specter NG vulnerabilities are likely to be published. Heise states that a wide number of systems would be affected by the leaks including pretty much Core-i processors, Xeon variants, as well as Pentium and Celeron proc based Atom CPUs released ever since 2013. Later in August, it will address and patch the most serious leak that involves virtualized environments like cloud hosts, making it possible to obtain secure information directly from the CPU. The patch date for that specific vulnerability would be August 14 according to Heise. AMD has indicated it is investigating all reports. It is completely unclear whether the company was affected by the vulnerabilities as well.
To secure the architecture, Intel plans a combination of hardware updates in the form of new microcode and software improvements that the operating system manufacturers have to implement.
Intel has problems with 10nm and moves volume production towards 2019 - 04/27/2018 07:49 AM
In extra notes that originate from Intels quarterly figures it looks like Intel is fighting 10nm production, according to the publication of the quarterly figures of the company it will start produc...
Intel halts developing head-up display based Vaunt glasses, also closes gadget department - 04/19/2018 09:34 AM
Intel confirmed that the Vaunt glasses are not on the market, not even for developers. The project has been completely halted, Intel also closed the underlying division, where these products are devel...
Intel Halts Certain UEFI BIOS Class Level 2 Compatibility Modes In 2020 - 11/17/2017 09:12 AM
Intel will halt UEFI bios compatibility class 0, 1 and 2 support in 2020. From that moment onwards only UEFI class 3 will be supported. This means that Intel platforms cannot boot through the Comp...
Intel Halts Xeon Phi accelerator Knights Hill Development - 11/15/2017 09:32 AM
Intel adjusted its roadmap to focus on high-performance exascale computing. Part of this .plan is scrapping the previously announced Knights Hill based Xeon Phi accelerators. The product line has be...
Intel Halts Sales Broadwell-E Intel Core i7 6800K, 6850K, 6900K & 6950X go EOL - 11/09/2017 01:42 PM
In a product notification, Intel let know it will be ending their shipments of Broadwell-E processors, these would include the Intel Core i7 6800K, 6850K, 6900K and the 10-core 6950X...
Silva
Senior Member
Posts: 1122
Joined: 2013-06-04
Senior Member
Posts: 1122
Joined: 2013-06-04
#5544549 Posted on: 05/07/2018 04:56 PM
What happened to the "24 hour response time and then we release the information to the public"? :p
Making something safe is hard, but they better step up their game and release the patches already.
And goodbye Intel performance lead ahahah.
What happened to the "24 hour response time and then we release the information to the public"? :p
Making something safe is hard, but they better step up their game and release the patches already.
And goodbye Intel performance lead ahahah.
alanm
Senior Member
Posts: 9288
Joined: 2004-05-10
Senior Member
Posts: 9288
Joined: 2004-05-10
#5544550 Posted on: 05/07/2018 04:58 PM
Have a feeling we've not seen the last of this.
Have a feeling we've not seen the last of this.
BigMaMaInHouse
Senior Member
Posts: 137
Joined: 2016-10-11
Senior Member
Posts: 137
Joined: 2016-10-11
#5544560 Posted on: 05/07/2018 06:08 PM
LOL, Intel gave us tick and tock "upgrades" for each new gen for past 10 years, and now with each vulnerabilities patch they are goin tick and tock backwards lol.
If this trend continuous- Hilbert should make "AMD FX-8370 comeback" review and it could be really funny review
.
LOL, Intel gave us tick and tock "upgrades" for each new gen for past 10 years, and now with each vulnerabilities patch they are goin tick and tock backwards lol.
If this trend continuous- Hilbert should make "AMD FX-8370 comeback" review and it could be really funny review
.
schmidtbag
Senior Member
Posts: 5029
Joined: 2012-11-10
Senior Member
Posts: 5029
Joined: 2012-11-10
#5544562 Posted on: 05/07/2018 06:15 PM
This has been theorized a hundred times over. Even a decade ago it was thought that Intel was creating NSA backdoors; this is nothing new or surprising. There's no definitive proof that these vulnerabilities are related, but it's easy to assume they are.
Also, not every CPU is affected by these vulnerabilities, because:
1. There are a handful of architectures that don't appear to be affected at all (such as MIPS).
2. Of the CPUs that are vulnerable, not all of them have all vulnerabilities; Intel just happens to have the most serious and easily-exploitable ones.
3. There are plenty of devices that don't have enough input control to be affected.
I think it makes sense - the last time they released a patch for Spectre and Meltdown there were functionality regressions. They're making sure that what they're doing doesn't cause problems. Delaying the patch for a few days is not enough to help anybody's "ghosting" efforts.
*facepalm* the only thing that's unreal is this "Shadow Goverment" you speak of. But let's suppose I'm wrong - why do you care? What exactly are they going to do that's of any concern to you?
My theory : This spectre was created by the NSA. It is not only for computers but for any device with a micro-processor. The idea is to a create a ghost inside every device around the world that can be traced easily and efficiently.
This has been theorized a hundred times over. Even a decade ago it was thought that Intel was creating NSA backdoors; this is nothing new or surprising. There's no definitive proof that these vulnerabilities are related, but it's easy to assume they are.
Also, not every CPU is affected by these vulnerabilities, because:
1. There are a handful of architectures that don't appear to be affected at all (such as MIPS).
2. Of the CPUs that are vulnerable, not all of them have all vulnerabilities; Intel just happens to have the most serious and easily-exploitable ones.
3. There are plenty of devices that don't have enough input control to be affected.
Intel is delaying the patch ? makes no sense, unless Intel knew directly what these vulnerabilities where for, ghosting people of interest, aka everyone.
I think it makes sense - the last time they released a patch for Spectre and Meltdown there were functionality regressions. They're making sure that what they're doing doesn't cause problems. Delaying the patch for a few days is not enough to help anybody's "ghosting" efforts.
Not to get too political, but the world should be thankingTrump right now for taking on the Shadow Government bullshit. Trump has the Shadow Government so scared it is unreal.
*facepalm* the only thing that's unreal is this "Shadow Goverment" you speak of. But let's suppose I'm wrong - why do you care? What exactly are they going to do that's of any concern to you?
Click here to post a comment for this news story on the message forum.
AMD Vanguard
Posts: 2311
Joined: 2006-05-07
Ok, not going to install anything related to it, so they can postpone it indefinitely