You know that fast new computer you have? It’s got one of those fancy Intel processing chips inside and it’s screaming quick and you love it, right? Well, you’re about to be disappointed. News has surfaced that any computer or smartphone, be it running Windows, MacOS, or otherwise, purchased within the last decade with one of those Intel chips is likely to be slowed down due to an impending patch for a serious security flaw in the chips. The slowdown could be anywhere from 5-30%.
At this point, little is being released about the specifics of the flaw, but some say it means that some software programs and apps are able to read essential parts of the operating system. It could expose information from the machine such as user passwords. It affects the kernel functioning, so the patched systems could potentially see that hit to performance, due to the way patches interact with the kernel.
Protecting a Windows PC is a mixed bag right now with a few unknowns. Microsoft, Google, and Mozilla are all issuing patches for their browsers as a first line of defense. The latest versions of Internet Explorer, Firefox and Edge for Windows 10 all include a fix for this issue. Google says it will roll out a fix with Chrome 64 which is due to be released on January 23rd. Apple has not commented on how it plans to fix its Safari browser or macOS, but information is expected soon. Chrome, Edge, and Firefox users on Windows won’t really need to do much apart from accept the automatic updates to ensure they’re protected at the basic browser level.
The Intel developers are scurrying to get a patch out quickly. Researchers are saying the biggest impact will likely be to enterprise systems; to the average user, it could be negligible and any hit to performance should be mitigated over time with future patch releases. That said, the issue is serious enough that you should not delay when the patch is released. Apply it right away to all systems regardless of whether or not it slows down the computer or if it’s a personal computer at home or a server or workstation at the office.
In Intel’s statement, the company claims this flaw is not exclusive to its chips and likely does affect others such as AMD and Qualcomm and it is working with those manufacturers for an industry-wide solution. It also said that exploitation of the flaw does not have the potential “to corrupt, modify or delete data.” More details about this and what it could expose and how it can be exploited will be released once the patch is out. Until then, just be aware that it exists and watch for the patch to come out.
© Copyright 2018 Stickley on Security