A design flaw has been discovered in Intel processors that will require major changes to be made to the Windows and Linux kernels. At the same time, AMD says its processors are not affected
Security researchers have identified a bug at Intel's chips that lets some software gain access to parts of a computer's memory that are set aside to protect things like passwords. Patches to Microsoft's Windows and Apple's OS X operating systems will be required and the security updates may slow down older machinery - up tp 30% in some cases - according to reports.
Intel, which provides to more than 80 percent of computers, acknowledged the issue, but tried to downplay its impact. The company said that any exploits are not caused by a "bug" or a "flaw" on its chips only. "Based on the analysis to date, many types of computing devices - with many different vendors' processors and operating systems - are susceptible to these exploits," according to the company.
"Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively," the company added.
Intel said it has begun providing software and firmware updates to mitigate the exploits.
Commenting on the possible performance impacts caused by these updates, Intel ays that they are "workload-dependent," and that for the average computer user, "should not be significant and will be mitigated over time."
Intel added it planned to disclose the issue next week when more software and firmware updates would be available.
Obviously, this is a fundamental design flaw in Intel's processor chips. As a result, Intel has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug. The company advises users to check with their operating system vendors or system manufacturers and apply any available updates as soon as they are available.
Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday.
However, these updates to both Linux and Windows will incur a performance hit on Intel products, although the effects are still being benchmarked.
For its part, AMD claims that it is not affected by the flaw.
"AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault," said AMD's Tom Lendacky.