A firestorm of criticism has erupted over the response to the chip flaws, which researchers at Google’s Project Zero discovered in 2016. Months passed before the problems were disclosed to the public. Further, the security patches released in recent days have been blamed for performance problems, including slowdowns in many systems. The fixes reportedly rendered a smaller number of systems unbootable.
Intel CEO Brian Krzanich on Thursday sent an open letter to the technology industry, pledging the company would make frequent updates and be more transparent about the process, and that it would report security issues to the public in a prompt manner.
Major tech companies, including Intel, Microsoft and Google, scrambled to calm the mood this week after a large number of computer users reported performance problems linked to security updates for the Spectre and Meltdown vulnerabilities.
Intel released numerous statements after the vulnerabilities were made public, and it shot down reports that its chips were the only ones at risk
The flaw could allow a nonprivileged user to access passwords or secret keys on a computer or a multitenant cloud server, explained Stratechery analyst Ben Thompson in a post Myerson referenced.
Performance Over Prudence
The Meltdown and Spectre vulnerabilities require adjustment to critical, low-level interfaces in affected operating systems,” said Mark Nunnikhoven, vice president of cloud security at Trend Micro.
Still, there have been problems in some cases, Nunnikhoven said, noting that Microsoft and AMD have been pointing fingers at one another following reports of computers slowing down or in some cases not booting.
Microsoft has suspended automatic updates and is working with AMD on a solution, it said in a security bulletin.