Technology major Intel is facing a major crisis in its history as a bug will affect chips in millions of computers from the last decade.
The first vulnerability, Meltdown can effectively remove the barrier between user applications and the sensitive parts of the operating system. The second vulnerability, Spectre, also found in AMD and ARM chips can trick vulnerable applications into leaking their memory contents.
Ido Naor and Jornt van der Wiel, senior security researchers at GReAT, said: “As they are hardware bugs, patching is a significant job. Patches against Meltdown have been issued for Linux, Windows and OS X, and work is underway to strengthen software against future exploitation of Spectre. Intel has a tool you can use to check if your system is vulnerable to the bugs and Google has published further information here.”
Intel, the largest chip company for computing devices, claims that it has started providing software and firmware updates to mitigate exploits from such bug.
The serious flaw in the design of Intel’s chips will require Microsoft, Linux and Apple to update operating systems for computers, BBC reported.
The UK’s National Cyber Security Centre (NCSC) said it was aware of the issue and that patches were being produced.
KK Mookhey, CEO and founder of Network Intelligence said: ‘This issue represents a higher risk in cloud environments because it would be easy to create an AWS or Azure account, start a new instance and then run the exploit to dump memory of the server which would be hosting many other instances of other customers.”
Intel said in a statement that the bug issue was not limited to its processors and that it was working on a fix.
“Based on analysis to date, many types of computing devices — with many different tech vendors’ processors and operating systems – are susceptible to these exploits. We are working to develop an industry-wide approach to resolve this issue promptly and constructively,” Intel said.
Experts have said that the fix could slow down the performance of computers by up to 30 percent but Intel played this down, saying that “for the average user, performance impacts should not be significant and will be mitigated over time”.
The flaw is also likely to affect major cloud computing platforms such as Amazon, Microsoft Azure and Google, according to The Register.
Intel said reports that these exploits are caused by a bug or a flaw and are unique to Intel products are incorrect. Intel said any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.
Intel is working with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively.
Intel suggests that device users need to check with your operating system vendor or system manufacturer and apply any available updates.
“Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied,” Intel said.
Intel has already lost its number one position in the global semiconductor market in 2017.
“The largest memory supplier, Samsung Electronics, gained the most market share and took the No. 1 position from Intel — the first time Intel has been toppled since 1992,” said Andrew Norwood, research vice president at Gartner.
The global semiconductor revenue rose 22.2 percent to $419.7 billion in 2017. Undersupply helped drive 64 percent revenue growth in the memory market, which accounted for 31 percent of total semiconductor revenue in 2017.
The key driver behind the booming memory revenue was higher prices due to a supply shortage. NAND flash prices increased 17 percent, while DRAM prices rose 44 percent. Gartner said tech companies could not absorb these price increases so passed them onto consumers, making everything from PCs to smartphones more expensive in 2017.