Published: Sat, January 13, 2018
Hi-Tech | By Ellis Neal

Intel details rollout of Meltdown and Spectre security updates

Intel details rollout of Meltdown and Spectre security updates

"While on some discrete workloads the performance impact from the software updates may initially be higher, additional post-deployment identification, testing and improvement of the software updates should mitigate that impact". "Intel encourages computer users worldwide to utilise the automatic update functions of their operating systems and other computer software to ensure their systems are up-to-date".

The chip maker didn't go into detail about the exact problem, but suggested Intel products aren't the only ones affected.

Following Intel's disclosure that many of its chips have been vulnerable to hackers, the company said on Thursday that it's been rolling out updates for most processors introduced in the past five years, with more on the way.

Krzanich sought to allay worries about the situation in a hastily arranged conference call with reporters on Wednesday afternoon, stressing that there haven't been any known instances of hackers actually exploiting the vulnerability, and promising that fixes were on the way. However, a flaw allows malicious code to read system memory and thus gain access to passwords, encryption keys, and other sensitive information. "Intel's material defect can be patched - but patched computers, smartphones and devices suffer reduced performance", stated one of the lawsuits, filed in the District of Oregon.

Intel's CEO sold shares in his company several months after Google informed the chipmaker of a serious security problem affecting its products.

Join our mailing list to receive the latest news and updates from The Jolt Journal. It's a part of the Software Engineering Institute, which is itself a non-profit that's largely funded by grants from the US Department of Defence.

The revelations "attack the foundational modern computer building block capability that enforces protection of the (operating system)", said Steve Grobman, chief technology officer at security firm McAfee. (Which it still says hasn't tangibly affected performance for the majority of its audience.) This statement from Intel is aimed to double down on reassuring users that the problem is well on the way to being fixed. Intel denied that the patches would bog down computers based on Intel chips.

The other flaw, Spectre, affects most processors now in use, though the researchers believe this flaw is more hard to exploit. That could make it possible for hackers to exploit other security bugs or, worse, expose secure information such as passwords, thus compromising individual computers or even entire server networks.

The two hardware bugs discovered can be exploited to allow the memory content of a computer to be leaked. The company in its presentation also says the exploits do not impact just "one architecture or processor implementation". Google says Android devices are protected if they have the latest security updates.

Like this: