A new report on Monday disclosed a critical hyperthreading flaw impacting Intel's sixth- and seventh-generation Skylake and Kaby Lake processors.
But in a statement to CRN, Intel said it has addressed the issue - cited by the Debian Project, developers of a form of the Linux operating system -- with a fix for OEMs, but that system builders should ensure that affected customers' basic input-output systems (BIOS) are updated.
“We have already identified this issue and addressed it with a fix that started rolling out in April 2017," an Intel spokesperson told CRN. "As always, we recommend checking to make sure your BIOS is up to date, but the chance of encountering this issue is low, as it requires a complex number of concurrent micro-architectural conditions to reproduce.”
The flaw cited by the Debian developers is the result of a microcode bug in Intel's hyperthreading process, the warning said. Hyperthreading is Intel's proprietary multithreading technology that allows systems to perform multiple tasks at once on x86 microprocessors.
This bug is reported to trigger "unpredictable system behavior" that could cause "spurious errors, such as application and system misbehavior, data corruption and data loss," according to the Debian report.
The issue impacts Skylake and Kaby Lake core processing unit chips in desktop, embedded and mobile devices, as well as Xeon v5 and v6 server chips, according to the Debian report. This bug can occur in any operating system, including Linux.
"Due to the difficult detection of potentially affected software, and the unpredictable nature of the defect, all users of the affected Intel processors are strongly urged to take action as recommended by this advisory," the Debian report said.
While Intel has rolled out updates to OEMs and motherboard vendors, the Debian report noted that impacted Skylake and Kaby Lake users should contact their system vendors or builders for a BIOS or Unified Extensible Firmware Interface (UEFI) update that fixes the issue.
Randy Copeland, president and CEO of Velocity Micro, a system builder and Intel partner based in Richmond, Va., said the bug is not likely to have a significant impact on the channel, but that partners should be prepared with an action plan for any future issues.
"We are aware of the bug and have not had any issues with it or heard any customers that have had any issues yet," he said. "We have an action plan in place if anyone has a problem going forward."