To fix Intel's firmware fiasco, wait for Christmas Eve or 2018
And cross your fingers: 'TBD' is the scheduled date for hundreds of PC fixes
The world's top PC-makers have started to ship fixes for the multiple flaws in Intel's CPUs, but plenty won't land until 2018.
As Intel admitted on Monday, multiple flaws in its Management Engine, Server Platform Services, and Trusted Execution Engine make it possible to run code that operating systems – and therefore sysadmins and users – just can't see.
Chipzilla acknowledged the bugs after Positive Technologies publicised attack vectors for the flaws.
PC-and-server-makers have rushed to advise of their fixes, but not all have made them available immediately.
Lenovo's advisory listed seven machines for which the date of fix delivery is “TBD” - to be determined.
That's a lovely small number compared to Acer, which has given 240 models the TBD treatment.
It's therefore making Dell look good: it has just 191 TBD PCs. The company has also picked January 7th, 2018, for nine models, January 14th, 2018, for another ten machines and February 2nd, 2018, for four models. Nine machines will get their fix on Christmas Eve, 2017.
Panasonic has targeted “the end of January 2018” for six machines and is “currently confirming” when it will deliver for another seven machines.
Even Intel itself signalled it needs time to fix its NUC, ComputeStick and ComputeCard products. The company said “Expected availability” is in December 2017.
HPE appears to have downloads ready to go, but Fujitsu has readied them for Japanese and EMEA customers only: the rest of the world has to wait an unspecified amount of time.
Other substantial PC makers had not released advice at the time of writing.
It gets worse: plenty of the affected CPUs were sold to manufacturers of network attached storage or other appliances. If the likes of SuperMicro have announced or released fixes, they've eluded The Register's searches.
So, sysadmins: keep an eye on your emails, and El Reg. There are plenty more notifications to come and plenty of fixing to be done. ®
Sponsored: Becoming a Pragmatic Security Leader