Analysts suggest CPU security flaw won't create long-term economic hit for Intel

Adjust Comment Print

The executives clarified, however, that the performance impact will be negligible when it comes to average PC users.

Following up on yesterday's confirmation that security exploits can compromise computers with Intel processors, Intel today announced a timetable for updates to render recent computers "immune" to the exploits, now referred to as Spectre and Meltdown.

Intel is focusing attention on chips that have been produced in the last five years - which is understandable to a degree. Between them, they subject nearly every computing device to snooping and data thefts.

There is no evidence that hackers have been able to exploit the weaknesses and they would need to have the specific malware installed first, so hackers wouldn't be able to randomly try to take control of just any system connected to the internet. Researchers with Alphabet's Google ProjectZero, in conjunction with academic and industry researchers from several countries, discovered two flaws.

The potential for damage from the security loopholes, which were discovered by researchers at a number of companies and universities including Google and the University of Pennsylvania, remains unclear. The patches, however, will have some performance effects, noting that they will be at frustrating levels pegged at zero to 30 percent level.

Both flaws work on the same principle that allows hackers to access the deep recesses of a computer's memory, the researchers wrote on a jointly created website.

Meanwhile, the company also deployed Kernel Page Table Isolation (KPTI) to counter the third variant known as Meltdown by "better protecting sensitive information in memory from other software running on a machine". Such a leak could potentially expose stored passwords and other sensitive data, including personal photos, emails and instant messages.

Marathon Oil (NYSE:MRO) Upgraded at Bank of America
Crestwood Capital Management Lp sold 54,000 shares as Interactive Brokers Group In (IBKR)'s stock declined 9.72%. Kelley sold 35,604 shares of Marathon Petroleum stock in a transaction that occurred on Thursday, December 14th.

The plaintiffs are seeking compensation from the chip giant, citing the security vulnerability as well as Intel's failure to disclose it in a timely fashion. "It will not take long for the security flaw to be exploited in the wild".

The findings were that processor microarchitectures from Intel, AMD and ARM were all vulnerable to a lesser or greater extent. AMD chips are also affected by at least one security flaw.

On servers such as those run by Google Cloud Services, Amazon Web Services or Microsoft Azure for corporate customers, hackers can even steal data from multiple customers. Gruss said Meltdown was the more serious problem in the short term but could be decisively stopped with software patches.

Android users can accept the automatic security updates provided by device makers and reboot the devices.

ARM said patches had already been shared with its customers, which include many smartphone manufacturers.

While CERT/CC has withdrawn its recommendation to replace processors, US-CERT - a related group that operates officially under the auspices of the Department of Homeland Security - has yet to update its own bulletin, issued earlier on Thursday.

Apple had a partial fix for the problem and is expected to have an additional update.

Comments