The firmware patches designed to protect Intel processors against nasty Spectre CPU exploits have a big downside: They’re forcing more frequent reboots on some systems, including PCs that released in 2017.

On January 11, Intel said that the firmware patches prompted more frequent reboots in Haswell (2013) and Broadwell (2014) systems. Late Wednesday, Intel executive vice president Navin Shenoy revealed that many other processor generations also succumb to the reboot bug: Sandy Bridge (2011), Ivy Bridge (2012), Skylake (2015), and Kaby Lake (2017). The only processors from the last five years that run without issue—yet, at least—appear to be the newest Intel 8th-gen CPUs, dubbed Coffee Lake.

“We have reproduced these issues internally and are making progress toward identifying the root cause,” Shenoy says. “In parallel, we will be providing beta microcode to vendors for validation by next week.”

Even with the reboot issue, the existing firmware updates still deliver valuable protection against potential Spectre attacks. "Intel recommends that partners maintain availability of existing microcode updates already released to end users,” the company’s security advisory says. “Intel does not recommend pulling back any updates already made available to end users.”

Install the patch, swallow any unwanted reboots, and keep an eye out for further fixes coming down the line, in other words. Spectre attacks haven’t been observed in the wild, but now that the exploits have been published, they’re no doubt coming. AMD says its processors have “near-zero” risk to the Spectre variant that require a microcode update, but it is nevertheless releasing optional firmware updates for its chips.

PCWorld