Intel Spectre and Meltdown update will make computers 'immune' to bug
- Autor: Leon Brazil Ene 14, 2018,
Ene 14, 2018, 14:04
"As this is a new class of attack", Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Program Manager, write, "our patch status refers to our mitigation for currently known vectors for exploiting the flaw".
The company adds that by the end of next week, it will have sent out updates to more than 90 percent of processor products manufactured during the time frame.
The release goes on to tout the 'great progress' Intel has made in just days since news of these security flaws was broken by Google Project Zero, a team of security analysts employed by Google tasked with finding zero-day vulnerabilities.
Fortunately, it seems as though the ride may be coming to a rest as Intel attempts to put the final reassuring punctuation on an arguably disastrous round of PR. While security flaws are typically limited to a specific company or product, Intel says the problem is "not a bug or a flaw in Intel products" but rather a broader problem affecting processing techniques common to modern computing platforms.
"Intel has begun providing software and firmware updates to mitigate these exploits".
Of course there is a chance cybercriminals and hostile actors will try to use this time to get the unaware to download and install false software marked as a patch.
Krzanich said that Intel was working with other companies to come up with a fix, including "OS partners", as well as rival chipmakers AMD and ARM. In a blog post, the company also discusses the impact to processor and cloud performance.
Spectre is an exploit that breaks the isolation between different applications on chips from Intel, AMD and ARM, and potentially allows hackers to 'trick' error-free programs that normally follow best practices into 'leaking' their secrets.
"Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time", Intel said in an earlier statement. So they alerted Intel, Google, Apple, and Microsoft in the hopes that these tech giants could create a patch before bad actors take advantage of the vulnerability. Apple, on the other hand, has been predictably mum on how it's dealing with the matter. Since reports on the issue have exploded over the past 24 hours, Intel is looking to cut through the noise and tell its side of the story.