HP, Meltdown, and Spectre logos

HP announced today it was stopping the deployment of BIOS updates containing Meltdown and Spectre patches and reissuing older BIOS versions.

HP's announcement comes after Intel issued an update to its Meltdown and Spectre advisory yesterday, Monday, January 22.

The CPU maker said it finished investigating previous reports of increased system reboot rates and found problems with the CPU microcode (firmware) updates that tried to mitigate the Spectre Variant 2 bug (CVE-2017-5715).

Because of this buggy code, Intel urged OEM vendors to stop the distribution of current CPU microcode updates and promised to reissue updates that include only patches for Meltdown and Spectre Variant 1 (CVE-2017-5753), but not the part with the known buggy Spectre Variant 2 code.

Dell was the first OEM to stop deployment of buggy patches

Dell was the first OEM to heed Intel's warning and today recommended that customers not install the recently issued Dell BIOS updates, even going as far as telling clients to revert back to a pre-Meltdown-and-Spectre BIOS version "in order to avoid unpredictable system behavior."

HP is the second major OEM to follow Intel's advice.

In response to Intel’s recommendation, HP is taking the following actions:

    HP is removing HP BIOS softpaqs with Intel microcode patches from hp.com.
    HP will be reissuing HP BIOS softpaqs with previous Intel microcode starting January 25, 2018.
    Once Intel reissues microcode updates, HP will issue revised Softpaqs.

The Intel buggy code that caused increased system reboots is also the reason why Red Hat decided to revert Spectre patches over the weekend, even before Intel's formal announcement.

Spectre Variant 2 caused issues for AMD CPUs as well

The same Spectre flaw (Variant 2, or CVE-2017-5715) also caused problems for AMD CPUs, not just Intel.

Microsoft had to pause the rollout of Spectre patches for computers using AMD devices after encountering similar issues with computers that failed to boot. The OS maker recently resumed those patches after working with AMD to resolve the problems.