Uhm, what a mess. This, just when Linux vendors began pushing updated intel-microcode packages (Ubuntu just released intel-microcode 3.20180108.0). Should we put the update on hold until this issue is hopefully resolved, or should we still update as suggested in the last paragraph of this Intel press release, somehow believing that the random reboots don't apply to "end users"?
Withdrawn CPU Microcode Updates: Intel provides to Lenovo the CPU microcode updates required to address Variant 2, which Lenovo then incorporates into BIOS/UEFI firmware. Intel recently notified Lenovo of quality issues in two of these microcode updates, and concerns about one more. These are marked in the product tables with “Earlier update X withdrawn by Intel” and a footnote reference to one of the following:
1 – (Kaby Lake U/Y, U23e, H/S/X) Symptom: Intermittent system hang during system sleep (S3) cycling. If you have already applied the firmware update and experience hangs during sleep/wake, please flash back to the previous BIOS/UEFI level, or disable sleep (S3) mode on your system; and then apply the improved update when it becomes available. If you have not already applied the update, please wait until the improved firmware level is available.
2 – (Broadwell E) Symptom: Intermittent blue screen during system restart. If you have already applied the update, Intel suggests continuing to use the firmware level until an improved one is available. If you have not applied the update, please wait until the improved firmware level is available.
3 – (Broadwell E, H, U/Y; Haswell standard, Core Extreme, ULT) Symptom: Intel has received reports of unexpected page faults, which they are currently investigating. Out of an abundance of caution, Intel requested Lenovo to stop distributing this firmware.
It is a mess. I suggest that you and anyone else asking these questions pay attention to Microsoft a little bit, to receive all of the information that there is to be had on this.
Microsoft has been telling people about problems with the mitigations up-front. There are, for starters, Microsoft KnowledgeBase articles detailing problems with older AMD CPUs and with anti-virus softwares that behave like rootkit viruses resulting in systems that will not boot, and web log articles discussing the performance considerations for server systems.
