Updated information from Intel: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088
---8<--- Recommendations: Status Intel has made significant progress in our investigation into the customer reboot sightings that we confirmed publicly last week Intel has reproduced these issues internally and has developed a test method that allows us to do so in a predictable manner Initial sightings were reported on Broadwell and Haswell based platforms in some configurations. During due diligence we determined that similar behavior occurs on other products including Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake based platforms in some configurations We are working toward root cause While our root cause analysis continues, we will start making beta microcode updates available to OEMs, Cloud service providers, system manufacturers and Software vendors next week for internal evaluation purposes In all cases, the existing and any new beta microcode updates continue to provide protection against the exploit (CVE-2017-5715) also known as “Spectre Variant 2” Variants 1 (Spectre) and Variant 3 (Meltdown) continue to be mitigated through system software changes from operating system and virtual machine vendors As we gather feedback from our customers we will continue to provide updates that improve upon performance and usability Intel recommendations to OEMs, Cloud service providers, system manufacturers and software vendors Intel recommends that these partners maintain availability of existing microcode updates already released to end users. Intel does not recommend pulling back any updates already made available to end users NEW - Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations NEW - We further recommend that OEMs, Cloud service providers, system manufacturers and software vendors begin evaluation of Intel beta microcode update releases in anticipation of definitive root cause and subsequent production releases suitable for end users ---8<--- As such, current plans are to _not_ distributed updated microcode packages to Debian stable users, until a new batch of microcode updates are released by Intel. "Beta" microcode updates will be initially uploaded to experimental (if such updates are made available to Debian): do *not* assume that beta updates "can't be worse than the current ones". -- Henrique Holschuh