Intel Reports ‘Significant Progress’ In Patching Chip Security Flaws

Intel seems to be most affected by the issue.

Intel’s rapid response comes after startling revelations from Google Project Zero over the vulnerabilities, particularly within Intel chips (Meltdown) but also those from all processor manufacturers (Spectre).

Both bugs can essentially help malware grab data stored in sensitive programs, including a password manager or browser. Meltdown and Spectre break the isolation between memory used by applications, and even applications and kernel-mode memory, posing a significant security risk if exploited.

The bug affects laptops, desktop computers, smartphones, tablets and internet servers. It is a matter of workload that slows processing, not the update, according to Intel. As of now users can�??t do much but update their devices to the latest security patches to mitigate the vulnerabilities. Apart from this, Microsoft has issued security patches for Windows, Edge, and IE.

However, it notes that a number of factors go into performance and results might vary. And the performance generally isn’t a problem, he said: “For the real-world applications.it’s minimal impact”.

Apple has already rolled out patches for iOS, macOS and tvOS to address the Meltdown vulnerability.

“Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect”, the company said.

Apple had a partial fix for the problem and is expected to have an additional update. Intel chips dating as far back as a decade are in jeopardy. That feature anticipates what information might be needed next – such as a password to a website – and makes it available in a “secure area” of the chip, speeding computing, Intel staff said on a conference call with reporters and analysts Wednesday afternoon. It’s now delivering the software and firmware fixes to its partners.

Intel said it is working with AMD and ARM as well as operating system-makers to develop an industry-wide approach to resolving the issue. There is also the promise that over time, any performance impact created by the fix will be mitigated. In just a few days, weeks, or months, hackers can render any computer device vulnerable to attack. The worldwide community of coders that oversees the open-source Linux operating system, which runs about 30% of computer servers worldwide, has already posted a patch for that operating system. This gives an attacker capabilities that bypass the common operating system security controls that we’ve relied on for 20 years.

If your system is affected, there is the potential to read the memory content of your computer.