In recent days we have been able to see news about a major security breach that affects Intel processors. The most important problem, which attracted the most attention, is that their solution requires them to go slower. It will depend on each case, but between 5 and 35%. So we are talking about figures that can be more than considerable and can even reach a third of the total capacity.
Intel security failure
The normal thing is that users in general not affected much this patch, and is that they will not notice difference between before and after installing it, as demonstrated by the colleagues of Alienture. This is so since we do not usually use applications that really use all the power. Yes it will be noticed in servers like Amazon EC2 or Microsoft Azure.
Where does the failure come from? It seems that problem has to do with the control between the kernel of the operating system and the CPU.
Intel quickly began looking for a solution to the problem. Creating patches for users has been your goal from the beginning. You have to remember that it affects your entire line of X86 processors. The failure allows, at hardware level, access to unauthorized memory between several virtual machines that work on the same computer.
The company claimed that its processors were not the only ones affected. Intel explained that the reported exploits are affecting not only their chips, but many types of computing devices. In addition, they believe that these exploits are not harmful and do not “corrupt, modify or delete data” on computers. They explained that they were working with AMD and ARM to develop an industry-wide approach to solving the error.
AMD is unmarked
However AMD has ensured that its processors have not been affected. That is why he struggles because they are excluded from security patches . As we have indicated, updating the software also affects the hardware. This results in a loss of performance. That’s why AMD does not want to know anything about the subject and does not want these security patches to splash on them.
From AMD, its engineers, work so that the patches do not affect their processors.
Specter, one more
This security flaw is known as Meltdown. But, unfortunately, it is not the only one that has arrived these first days of 2018. Another, Specter, also affects the vast majority of modern processors. If both vulnerabilities are exploited, any malicious process could access secret information from other processes. This means that you could steal passwords or personal data, for example.
As indicated by Google, the Meltdown security flaw affects all Intel processors manufactured since 1995. This means that the vast majority of processors of this brand that are currently operating around the world, are vulnerable. There are exceptions, of course, such as the case of Itanium and the Atom manufactured before 2013.
In the case of Specter, recently detected, it not only affects modern Intel processors; it also affects AMD or ARM, in the case of mobile terminals (most are based on this type of processors). Even TV chips could be in danger. Maybe when Intel said they were not the only ones affected it was not just about Meltdown, which was the first thing that came to light, but about Specter.
In short, we are facing two important security failures that affect the processors. As we mentioned at the beginning of the article, companies are already working to get security patches as soon as possible.
Therefore, operating systems such as Windows, Linux or MacOS have already been put to work.
In the case of the Microsoft operating system, there are three different patches for Windows 10 depending on the version. In principle it will automatically reach all users and we can get it from Windows Update.
Fall Creators: KB4056892 (Build 16299.192)
Creators Update: KB4056891 (Build 15063.850)
Anniversary Update: KB4056890 (Build 14393.2007)
In addition, users who have Windows 8.1 or Windows 7, will receive the patch next Tuesday, as usual in security patches.
In Linux they have not been left behind and those responsible for the Kernel have already released the patched versions. On the official website we can see the patches for Linux Kernel versions 4.14.11, 4.9.74, 4.4.109, 3.16.52, 3.18.92 and 3.2.97.
On the Android side we have already reported that this month’s security patches will fix 38 vulnerabilities. They have not forgotten about Meltdown and Specter.
MacOS will make corrections in version 10.13.2 and is already in beta in MacOS 10.13.3 to solve these problems.
According to Google researchers, although it affects Android devices and Chrome OS, exploiting the vulnerability is “difficult and limited in most Android phones.” Of course, they add that the next version of Chrome OS that will be released on January 23 will bring modifications to mitigate this problem.
All this, as we can imagine, negatively affects the companies. Yesterday, at times, Intel shares in NASDAQ collapsed.