Millions of PCs at risk due to security flaws in Intel, AMD, ARM chipsets

 Nidhi Singal   New Delhi     Last Updated: January 5, 2018  | 08:38 IST
New Intel chipset security flaw puts millions of PCs at risk
Image: Reuters

The recently discovered security flaw in Intel processors has put almost millions of computers at risk and hackers could steal sensitive information. It is being reported that this security flaw went unnoticed for a decade. Now software giants are working on fixing the flaw but this could slow down devices running the chips by up to 30 per cent.

Rajpreet Kaur, Senior Research Analyst, Gartner, explains, "The bug related to data leakage from privileged memory will require Intel to fix it by making changes to their chips. This bug has two main impacts. The first being the 'Security Impact' as this flaw can be exploited by malware to exploit sensitive data from the memory. The second is the 'Performance Impact'. How much will be the performance impact is still not very clear now. But in case this has a serious impact on performance, it will impact applications delivery."

Intel has issued a list of Intel-based platforms that are impacted by this issue. The list includes Intel Corei3 , Corei5, Corei7 processors (45nm and 32nm), Intel Core M processor family (45nm and 32nm), 2nd Generation, 3rd Generation, 4th Generation, 5th Generation, 6th Generation, 7th Generation and 8th Generation Intel Core processors, and many more.

According to a post on Intel's website, the company claims to have "started providing software and firmware updates to mitigate these exploits. End users and systems administrators should check with their operating system vendors and system manufacturers, and apply any updates as soon as they are available." The company also clarifies that 'On January 3, 2018 a team of security researchers disclosed several software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from many types of computing devices with many different vendors' processors and operating systems. Intel is committed to product and customer security and to responsible disclosure. We worked closely with many other technology companies, including Advanced Micro Devices (AMD), ARM Holdings and several operating system vendors, to develop an industry-wide approach to mitigate this issue promptly and constructively.'

Kaur further recommends that users using public clouds must ask for an update from their platform providers on fixing the flaw. Make sure you are aware of any maintenance downtime which might be required and have resilience so that there is no impact on critical infrastructure availability. End users are required to apply patches to fix this bug through their OS. Closely monitor and test the performance impact before applying any changes to the applications infrastructure. Make sure to allocate sufficient memory to reduce the performance impact.

  • Print

A    A   A