YOU ARE AT:Chips - SemiconductorIntel security glitch may impact processors stretching back a decade

Intel security glitch may impact processors stretching back a decade

Patches to Intel kernel flaw could slow down computers by 30 %

An apparent security flaw has been reportedly found in almost every Intel processor chip made in the last decade, forcing a redesign of Linux and Windows kernels. Adding insult to injury, the required patches for Windows, macOS and Linux machines could slow down computers by as much as 30 %. Specific details regarding the flaw have yet to be made public.

Originally reported by The Register, the design flaw in Intel’s x86-64 hardware, which was introduced in 2004, could enable cyber criminals to gain access to the kernel, a feature of an operating system (OS) that controls nearly everything. While technical details concerning the glitch are dense, basically, kernel memory information is being leaked, which hackers could seize to inject malicious malware into a PC.

“Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed,” Intel said in a statement released Wednesday. “Intel believes these exploits do not have the potential to corrupt, modify or delete data. Recent reports that these exploits are caused by a ‘bug’ or a ‘flaw’ and are unique to Intel products are incorrect.”

Fixing the bug would require isolating the kernel memory from user processes. Kernel memory sharing allows systems to run smoothly. Consequently, any patch that put an end to that sharing would slow down the computer.

According to Applelnsider, Apple has issued a partial fix to the issue with December’s macOS 10.13.2. The report said Apple mitigated the glitch by modifying existing programming requirements associated with the kernel memory information in macOS. Additional changes are anticipated to be coming to 10.13.3, which is currently in beta testing.

It is uncertain to what extend these patches will impact Windows, Mac and Linux machines. Nevertheless, a software developer called Python Sweetness suggested major cloud service providers and virtual machines may bear the brunt of the design flaw. Microsoft’s Azure Cloud has scheduled maintenance for next week, while Amazon Web Services (AWS) has warned customers to brace themselves for a major security update this Friday.

In an email sent to Linux kernel mailing list, semiconductor company AMD said the enterprise’s chips were not impacted by the security glitch. “AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against,” AMD software engineer Tom Lendacky wrote. “The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.” As a result of the design flaw, AMD shares rose 5.2 % Wednesday as Intel shares dropped 3.4 %.

ABOUT AUTHOR

Nathan Cranford
Nathan Cranford
Nathan Cranford joined RCR Wireless News as a Technology Writer in 2017. Prior to his current position, he served as a content producer for GateHouse Media, and as a freelance science and tech reporter. His work has been published by a myriad of news outlets, including COEUS Magazine, dailyRx News, The Oklahoma Daily, Texas Writers Journal and VETTA Magazine. Nathan earned a bachelor’s from the University of Oklahoma in 2013. He lives in Austin, Texas.