Yesterday, The Register reports A serious design flaw and security bug has been discovered in Intel's CPUs that will require an update ...
Yesterday, The Register reports A serious design flaw and security bug has been discovered in Intel's CPUs that will require an update at the operating system level to fix. All modern computers with Intel chips from the last decade appear to be affected, including Windows, Linux, and macOS. And now Intel has respond to the matter.
The flaw allows user programs to discern the contents of protected kernel memory, which could be taken advantage of by hackers to more easily exploit other security bugs. Even worse, these hackers could read the contents of the kernel memory, which can include information like passwords, login keys, and more.
Apple, on the other hand, on December 6th released macOS 10.13.2, which includes a fix for the kernel security bug. Furthermore, additional fixes are purportedly included within macOS 10.13.3. Meanwhile, Both Linux and Microsoft developers are still in the process of deploying their respective fixes.
The report explains that the patch could bring between a 5 percent and 30 percent slowdown, though more specific information is unclear at this point. The slowdown is due to how the processor must dump cached data and reload information from memory. But Intel claims performance impacts are workload-dependent and won’t be noticeable to the average computer user.
According Intel’s statement on the matter, the chipmaker explains that reports indicating the flaw is limited to Intel products only are incorrect, with AMD and ARM processors also purportedly affected. We haven’t heard anything that if AMD and ARM are also suffering from the same security hole.
Intel said in the statement that it planned to disclose the vulnerability next week when additional software patches were available, but was forced to make a statement today due to "inaccurate media reports." Read Intel's full statement here.
The flaw allows user programs to discern the contents of protected kernel memory, which could be taken advantage of by hackers to more easily exploit other security bugs. Even worse, these hackers could read the contents of the kernel memory, which can include information like passwords, login keys, and more.
Apple, on the other hand, on December 6th released macOS 10.13.2, which includes a fix for the kernel security bug. Furthermore, additional fixes are purportedly included within macOS 10.13.3. Meanwhile, Both Linux and Microsoft developers are still in the process of deploying their respective fixes.
The report explains that the patch could bring between a 5 percent and 30 percent slowdown, though more specific information is unclear at this point. The slowdown is due to how the processor must dump cached data and reload information from memory. But Intel claims performance impacts are workload-dependent and won’t be noticeable to the average computer user.
According Intel’s statement on the matter, the chipmaker explains that reports indicating the flaw is limited to Intel products only are incorrect, with AMD and ARM processors also purportedly affected. We haven’t heard anything that if AMD and ARM are also suffering from the same security hole.
Intel said in the statement that it planned to disclose the vulnerability next week when additional software patches were available, but was forced to make a statement today due to "inaccurate media reports." Read Intel's full statement here.
COMMENTS