Intel flaw: Critical bugs in computer chips spark panic
News that a serious flaw has been discovered in computer chips used in billions of smartphones and computers has sparked panic among tech insiders, developers and manufacturers.
Computers and laptops powered by Intel and AMD processors are vulnerable, while iPhones and Android phones using ARM chips are also insecure.
Google researchers discovered the bugs ‘Meltdown’ and ‘Spectre’ as essential functions of Intel’s hardware.
“Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system,” said a statement from the research team.
“Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.”
These are known bugs, leaving major US and European companies scrambling to secure customer devices through downloadable software patches.
Windows, Linux and Apple devices across the world will have to be updated with downloadable software patches.
Intel admitted that their processors contained the flaw but downplayed the affect it could have on users.
In a statement Intel denied that the bug was “unique” to its products and claimed it was always going to reveal the flaw to the public in early January.
“Recent reports that these exploits are caused by a ‘bug’ or a ‘flaw’ and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.
“Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively.”
Fix slows down your machine
Fixes to the flaw could cause computers or smartphones to slow down by 5% to 30%, effectively capping processor speed and denuding performance gains on faster machines and phones.
While Intel has come out strongly against the report, saying “any performance impacts are workload-dependent, and, for the average computer user, should not be significant”, it’s obvious that a serious processor recalculation will make a difference to electronic devices.
Speaking to Antiviruses.co.uk, a spokesperson from the UK’s National Centre for Cyber Security said that official advice was to urge users to download patches direct from their chip’s manufacturer.
“We are aware of reports about a potential flaw affecting some computer processors.
“At this stage there is no evidence of any malicious exploitation and patches are being produced for the major platforms.
“The NCSC advises that all organisations and home users continue to protect their systems from threats by installing patches as soon as they become available.”
What now?
Of course there is a chance cybercriminals and hostile actors will try to use this time to get the unaware to download and install false software marked as a patch.
Common ways to do this are to offer ‘packs’ that claim to solve all your different device issues which contain everything from system malware to bitcoin mining software.
In most cases, computers and smartphones will be automatically patched with no need for individuals to download specific software.
Windows released a statement saying that their own update will be automatically applied to Windows 10 machines at 5pm on 4 January 2018.
MAIN IMAGE: Paul Downey/CC-BY 2.0