Sci-Tech: Meltdown patches patched as a first wave of lawsuits hits Intel over Meltdown and Spectre [u/d, AMD sued over Spectre too]
|January 23, 2018||Posted by kairosfocus under Computing, AI, Cybernetics and Mechatronics, General interest, Geo-strategic issues, governance, UD's Sci-Tech watch|
The Meltdown-Spectre processor architectural flaw crisis we have been monitoring has deepened as Intel has to patch its initial patch:
NB: Comment 3 below links and clips documentation AMD has been sued over its response to Spectre.
Where also, The Register further reports that there are problems with embedded systems using microprocessors and microcontrollers:
>>Patches for the Meltdown vulnerability are causing stability issues in industrial control systems.
SCADA vendor Wonderware admitted that Redmond’s Meltdown patch made its Historian product wobble. “Microsoft update KB4056896 (or parallel patches for other Operating System) causes instability for Wonderware Historian and the inability to access DA/OI Servers through the SMC,” an advisory on Wonderware’s support site explains.
Rockwell Automation revealed that the same patch had caused issues with Studio 5000, FactoryTalk View SE, and RSLinx Classic (a widely used product in the manufacturing sector). “In fairness [this] may be RPC [Remote Procedure Call] change related,” said cybersecurity vulnerability manager Kevin Beaumont.
El Reg requested clarification from Rockwell but we’re yet to hear back from the vendor.
The expected and well-publicised system slowdown issues from Meltdown and Spectre patches (Reg reports here, here and here) have been accompanied by even more irksome stability problems on some systems. Incompatibility with Microsoft fixes released on January 3 freezes some PCs with AMD chips, as previously reported.
An Ubuntu Linux kernel update prompted by Meltdown caused systems to become unbootable. Patching against CVE-2017-5753, CVE-2017-5715 (Spectre) and CVE-2017-5754 (Meltdown) affected both the PulseSecure VPN client and Sandboxie, the sandbox-based isolation program developed by Sophos.>>
In short, we are clearly in for quite a ride and we are headed towards a new generation of chips with significantly modified architectures, leading to a huge stirring of the industrial pot in the most dynamic sector of the global economy. My guesstimate continues to be two to three years. END