Wise Owl Shopper Discounts

Intel

This high-tech stadium roof will keep fans warm during the big game video

Apple HomePod preorders begin, Intel shares up despite security problems

1:21 January 27, 2018

The £349 smart speaker goes on sale just as Apple previews iOS 11.3.

Meanwhile, Intel stock sees no impact from the Spectre and Meltdown…

Play video

Grab this Microsoft update now if your PC was affected by the Spectre fixes

The last few weeks have been rough for technology manufacturers and users alike, with the Meltdown and Spectre exploits making headlines and requiring fixes that can slow down our gadgets. Intel issued microcode fixes for its own CPUs meant to address the issue and then quickly retracted them due to system reboots and instability. Now, Microsoft has concluded that fixes meant to address the Spectre Variant 2 exploit are bad enough to cause data loss, and its issued its own fix.

For now, this fix comes via a support bulletin that it issued the following statement: “Intel has reported issues with recently released microcode meant to address Spectre Variant 2 (CVE 2017-5715 Branch Target Injection) — specifically Intel noted that this microcode can cause “higher than expected reboots and other unpredictable system behavior” and then noted that situations like this may result in “data loss or corruption.” Our own experience is that system instability can in some circumstances cause data loss or corruption. On January 22, Intel recommended that customers stop deploying the current microcode version on impacted processors while they perform additional testing on the updated solution.

We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions.” Microsoft’s response, for now at least, is to simply turn off the mitigation against Spectre Variant 2. It provided an update that users can run at the Microsoft Update Catalog site, along with steps to manually disable and enable the mitigation by modifying the registry.

The registry is a finicky thing, though, and so be careful if you choose the latter route. While it’s usually a bad idea to turn off security measures meant to protect against known exploits, in this case, the damage that Intel’s bad microcode can cause clearly outweighs what Microsoft considers to be a negligible potential for harm. According to the company, there have been no known attacks based on Spectre Variant 2, at least as of Thursday, January 25.

Microsoft will likely issue a more widely available update once its official Patch Tuesday update rolls around next month.

This emergency out-of-band update might be worth running in the meantime, though, particularly if any of your PCs have been acting a bit crazy since being updated with the Spectre fixes.

Editors’ Recommendations

Apple may release three Macs with custom co-processors in 2018, but which ones?

Apple is reportedly planning to release at least three new Mac laptops and desktops with its ‘T’ series of custom co-processors, according to a story in Bloomberg[1].

Speaking with ‘a person familiar with the plan,’ Bloomberg reports that – as follow-ups to the latest MacBook Pro[2] with Touch Bar and iMac Pro[3] – these updated Mac models with new co-processors will include fresh laptops and a new desktop.

These co-processors are, like those before them, likely to be ARM-based chips that carry out specific functions for Mac computers. For instance, the T1 co-processor inside the MacBook Pro[4] with Touch Bar manages everything about said Touch Bar, while the T2 co-processor handles power management and hardware-level security in the iMac Pro.

Bear in mind that Apple isn’t manufacturing these processors from scratch, but rather designing them using a license from a partner like ARM to then fabricate and produce elsewhere.

Which new Macs can we expect?

Based on previous reports and rumors, we can start to get a bead on exactly which new Mac laptops and desktops with fresh co-processors we’ll see in 2018. First, the aforementioned desktop is almost certainly the modular, ‘completely redesigned, next-generation Mac Pro architected for pro customers’ that Apple itself brought up again[5] before the end of last year.

Next, we’ve already heard – albeit from a dodgy source at best – that Apple doesn’t plan to give a ‘major upgrade’ to its MacBook[6] laptops this year. Of course, that depends on whether you consider new co-processors a ‘major upgrade,’ not to mention whether this report has much merit to begin with.

The most recent report regarding new MacBooks – from the very same outlet – seems to completely contradict this, with word that Apple could phase out the 13-inch MacBook Air[7] to make room for a new, 13-inch entry-level laptop without the Touch Bar. Apple itself has hinted that the most affordable MacBook Pro is the stand-in for the all but defunct MacBook Air[8].

Where does that leave us? Apple itself has promised a new Mac Pro, and we may well see a new 13-inch laptop similarly priced to the MacBook Air to fill that void. 

All that’s left, then, are refreshes for the MacBook Pro and 12-inch MacBook[9] models, the former of which is sorely needed with models already outdated by the latest Intel 8th-generation processors. If the ‘at least three’ new Macs line from Bloomberg is to be taken to heart, the most likely to be skipped this year is the 12-inch MacBook, which isn’t as power-dependent as the MacBook Pro line.

At any rate, 2018 is already looking to be an exciting year for Mac and MacBook computers following a relative drought of updates and innovations for several years prior to late 2016.

  • At least one of these is bound to join the best Macs[10] of 2018

References

  1. ^ a story in Bloomberg (www.bloomberg.com)
  2. ^ MacBook Pro (www.techradar.com)
  3. ^ iMac Pro (www.techradar.com)
  4. ^ MacBook Pro (www.techradar.com)
  5. ^ Apple itself brought up again (www.techradar.com)
  6. ^ doesn’t plan to give a ‘major upgrade’ to its MacBook (www.techradar.com)
  7. ^ Apple could phase out the 13-inch MacBook Air (www.techradar.com)
  8. ^ MacBook Air (www.techradar.com)
  9. ^ MacBook (www.techradar.com)
  10. ^ best Macs (www.techradar.com)

View More: Bargains

Microsoft releases emergency update to disable Intel’s faulty Spectre patch

News about the Meltdown and Spectre processor seems to be going from bad to worse, and over the weekend Microsoft had to release an emergency patch to disable patches for the Spectre bug.

The Windows Update (KB4078130[1]) in question is something of a rarity, as not only did Microsoft rush it out over the weekend (rather than waiting until Tuesday, the usual day Microsoft releases updates), but it directly disables a security patch released by Intel.

This means that the issues the Intel patch caused were deemed more serious than the security vulnerabilities it was designed to fix – at least in the short term.

Intel woes

How to protect against Spectre and Meltdown

For the latest on how to protect yourself from Spectre and Meltdown[2], read our comprehensive guide.

The issues Intel’s patch caused were revealed last week when Intel admitted that its was causing some machines to reboot unexpectedly.

Intel even warned users against downloading its own patch[3], with Intel EVP Neil Shenoy saying that “we recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of current versions on specific platforms, as they may introduce higher than expected reboots and other unpredictable system behavior.”

Microsoft has clearly taken Intel’s advice, by stating that it had released the emergency patch to disable Intel’s Spectre patch because “our own experience is that system instability can in some circumstances cause data loss or corruption. On January 22, Intel recommended that customers stop deploying the current microcode version on impacted processors while they perform additional testing on the updated solution.”

According to Microsoft, this new patch “specifically disables only the mitigation against CVE-2017-5715”, which is the other, less catchy name for Spectre Variant 2.

If you’re not keen on removing the protection against Spectre, and feel like the possibility of system crashes is a price worth paying, then Microsoft has made it possible for users to manually disable and enable the mitigation against Spectre by changing registry settings.

Needless to say, this will be for advanced users only, but you can follow Microsoft’s instructions[4] if you’re comfortable editing the registry.

Most users, however, should wait for a new patch from Intel that will mitigate against Spectre, without causing system instabilities. With Intel vowing to stop Meltdown and Spectre by the end of January[5], we hopefully won’t have too long to wait.

References

  1. ^ KB4078130 (support.microsoft.com)
  2. ^ how to protect yourself from Spectre and Meltdown (www.techradar.com)
  3. ^ warned users against downloading its own patch (www.techradar.com)
  4. ^ follow Microsoft’s instructions (support.microsoft.com)
  5. ^ With Intel vowing to stop Meltdown and Spectre by the end of January (www.techradar.com)
  6. ^ best processors (www.techradar.com)

View More: Products

Intel warned Chinese tech firms of Spectre and Meltdown ahead of U.S. government

Intel warned certain customers, including Chinese tech firms, of the Spectre and Meltdown security flaws before notifying the U.S. government, The Wall Street Journal reported. The flaws were first discovered by Google’s Project Zero team in June of last year. Intel held off on disclosing the issue while it worked on possible fixes. The company planned to make the announcement on January 9, but The Register broke the story on January 2.

Intel then confirmed the news the next day. Intel did notify several major tech firms in an effort to limit the potential damage and help work on fixes. However, a representative from the Department of Homeland Security said that the department did not learn of the flaws until the news was broken.

Homeland Security is often notified of such issues before the public, and often acts as a source of guidance for how to address them. The NSA was also uninformed of the problem. Rob Joyce, the White House’s top official on matters of cybersecurity, sent out a tweet saying that the NSA was unaware of the vulnerabilities.

Jake-No nuance to my answer.

No lawyerly caveats. NSA did not know about these flaws, nor did they exploit them. I don’t put my good name on the line lightly.

I understand you are disinclined to believe, 1/2. — Rob Joyce (@RobJoyce45) January 13, 2018

Intel refused to name any of the companies it warned prior to the scheduled January 9 announcement. That being said, several of the companies had been identified, including Microsoft, Amazon, Chinese computer manufacturer Lenovo, and Chinese cloud-computing firm Alibaba Group Holding.

A representative from Intel said that it had planned to brief others, including the U.S. government, prior to the January 9th announcement. However, the company said that it was unable to do so due to the fact that the story was reported sooner than expected. Jake Williams, a former employee of the National Security Agency and current president of Rendition Infosec LLC, told the Wall Street Journal that the Spectre and Meltdown vulnerabilities would have been of great interest to any intelligence organization.

Williams also warned that it is a “near certainty” that the Chinese government was aware of Spectre and Meltdown before the U.S., given that the Communist Party closely monitors such communications.

Representatives from the Chinese government did not comment on this story.

However, in the past, the country’s foreign ministry has said that it is “resolutely opposed” to all forms of hacking.

Editors’ Recommendations

1 2 3 5