Millions of computer processors worldwide contain serious security flaw

The security experts who discovered the issue, which they say affects an entire generation of computers, mobile devices and cloud networks, released a proof of concept code to confirm their reported findings.

Security issues with Intel Corp microchips are only slowing computers slightly, technology companies said, as researchers played down the need for mass hardware replacements to protect millions of devices from hackers.

Intel also said that the vulnerability is not unique to their products.

The security flaw in Intel chips allowed hackers to steal information from a memory of computer chips on some personal devices and data centers. Unfortunately, that capability is vulnerable to malicious actors who could access critical information stored in memory, including encryption keys and passwords. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013).

It added that "contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time".

According to the guys at The Register, this chip-level security flaw affects Linux, MacOS and Windows.

Currently there is no fix for Spectre as it is much harder to fix, and the anonymous researchers said it could "haunt us" for quite some time to come. If the processor can't enforce the privileges, this flaw will let other standard programs access the restricted locations such as natively coded programs and content on the web using JavaScript. So far Intel is not aware of exploits based on the two vulnerabilities.

Almost all the devices that are "affected" or are "vulnerable" to the flaws, so all are open to attack.

This also gives an opportune moment for AMD, as they have claimed that they will definitely be "taking advantage" of Intel's messy security fallout.

Operating system vendors including Apple, Microsoft and Google are also pushing out fixes to mitigate the flaws, and software developers are working on patches to address the threat posed by Spectre. It noted that it had updated most of its systems and products with protections from attack.

  • Leon Brazil