Intel Unleashes 'Comprehensive' Threat Mitigation Response To Spectre And Meltdown Security Vulnerabilities


Intel Vice President Stephen Smith says the chip giant is moving forward with a "comprehensive" threat mitigation plan that includes operating system and firmware updates that will be made available in the next "few weeks" in the wake of what is being referred to as Meltdown and Spectre microprocessor security holes.

"We have been working to put together a combination of operating system updates on the broadly used operating systems and some firmware updates that we developed that are specific to the configuration and operation of our processor," said Smith in a conference call with analysts on Wednesday night. "That has all been developed with industry partners, tested with industry partners, working with OS vendors and with OEMs. We have been working at this for some time such that we'll be ready beginning in the next few days to start the deployment of the mitigations. It will probably take a few weeks before the mitigations we have in mind will all be available to customers."

[Related: Solution Providers: Ignore The Meltdown and Spectre Microprocessor Exploits 'At Your Own Peril']

Smith said Intel has observed the security issues as what he called a "proof of concept to show what the type of attack is but we have not observed any active deployment of the exploit in the real world of computing."

Sponsored post

Smith's comments came after Intel was hit on Wednesday by media reports of security issues affecting Intel PC and server microprocessors. The security threat sent Intel shares tumbling, wiping out $12.36 billion in market valuation from $219.26 billion on Jan. 2 to $206.90 billion on Jan. 4.

Intel said Thursday that it is "rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from both exploits (referred to as ’Spectre’ and ’Meltdown’) reported by Google Project Zero."

Intel, in fact, said it has already issued updates for the majority of processors introduced in the last five years. Furthermore, the company said by the end of next week it "expects to have issued updates for more than 90 percent of processor products introduced within the past five years."

Intel said the system updates are being made available by system manufacturers, operating system providers and others. The company said "many operating system vendors, public cloud service providers, device manufacturers and others have indicated that they have already updated their products and services."

Intel encouraged computer users worldwide to "utilize the automatic update functions of their operating systems and other computer software to ensure their systems are up-to-date."

Bob Venero, CEO of Holbrook, N.Y.-based solution provider Future Tech, No. 119 on the 2017 CRN Solution Provider 500, praised Intel for how it has handled the Meltdown and Spectre security flaws. He said Future Tech is actively working with Intel and its customers to address the security issues.

"We had a call yesterday that was put together with the right people at Intel to get on the phone with a Fortune 100 customer within 30 minutes," he said. "The bottom line is there is going to be remediation and work that needs to be done and the Intel team, the Future Tech team and the customer are all working together."

Future Tech has moved forward with a plan that includes a "cadence" with the Intel team to address the security issues on all fronts.

"We had a call yesterday, we will have another call today, throughout the month and into the future until it is resolved," he said. "We have had these issues before with Intel and Microsoft. We are living in a world of security breaches, hacking and vulnerabilities. Intel has a very big job to make sure their products and solutions are not vulnerable. They are doing a good job here."