Intel and AMD Processor Security Vulnerability - All You Need to Know
Posted by: Timothy Tibbetts on 01/04/2018 06:57 AM [ Comments ]
As you might have heard, a major security vulnerability has been discovered in Intel’s, and now AMD's processors. The story has varied and changed over the past two days so here's the latest from Intel, AMD, and Microsoft.
Summary, links, and updates:
Intel has admitted to a processor flaw that could allow hackers to access sensitive data.
AMD has admitted their chips are also vulnerable
Microsoft has released a Cumulative Update for Windows 10 (KB4056891)
It is believed that this flaw could allow attackers to access sensitive information such as passwords and files cached on a disk and affects Intel processors released over the past ten years. AMD now has also confirmed to Fortune that its chips were affected by some related security exploits, but the company pressed that
Both Intel and AMD initially downplayed this, but it appears to be a widespread vulnerability affecting many Intel and AMD processors from the last ten years.
Intel has also made a statement:
Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.
Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.
Here is AMD (ARM) statement to Fortune:
“ARM has been working with Intel and AMD to devise mitigation for a new method identified by security researchers that can exploit certain high-end processors, including ours…Software mitigation measures have already been shared with our partners. ARM takes all security threats seriously, and we encourage individual users to ensure their software is up-to-date and always practice good security hygiene.”\
Microsoft has announced an emergency patch is coming, so watch for that any day now. Word on the street is that it could slow down computers, however, making it a necessary evil. Microsoft said:
We're aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.
Be sure your Windows Updates are current, like all other software, especially your security software. We'll update this story as more becomes available.
Summary, links, and updates:
It is believed that this flaw could allow attackers to access sensitive information such as passwords and files cached on a disk and affects Intel processors released over the past ten years. AMD now has also confirmed to Fortune that its chips were affected by some related security exploits, but the company pressed that
Both Intel and AMD initially downplayed this, but it appears to be a widespread vulnerability affecting many Intel and AMD processors from the last ten years.
Intel has also made a statement:
Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.
Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.
Here is AMD (ARM) statement to Fortune:
“ARM has been working with Intel and AMD to devise mitigation for a new method identified by security researchers that can exploit certain high-end processors, including ours…Software mitigation measures have already been shared with our partners. ARM takes all security threats seriously, and we encourage individual users to ensure their software is up-to-date and always practice good security hygiene.”\
Microsoft has announced an emergency patch is coming, so watch for that any day now. Word on the street is that it could slow down computers, however, making it a necessary evil. Microsoft said:
We're aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.
Be sure your Windows Updates are current, like all other software, especially your security software. We'll update this story as more becomes available.
Comments