Major flaw in millions of Intel chips revealed

Discussion in 'General Smartphone/Handheld/Wearable Discussion' started by RickAgresta, Jan 3, 2018.

  1. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Messages:
    19,364
    Likes Received:
    11,257
    Trophy Points:
    288
    A serious flaw in the design of Intel's chips will require Microsoft, Linux and Apple to update operating systems for computers around the world.

    It is believed to affect chips in millions of computers from the last decade.

    The UK's National Cyber Security Centre (NCSC) said it was aware of the issue and that patches were being produced.

    In response, Intel said the issue was not limited to its processors and that it was working on a fix.

    "Based on analysis to date, many types of computing devices - with many different vendors' processors and operating systems - are susceptible to these exploits," it said in a statement.

    It said it was working to "develop an industry-wide approach to resolve this issue promptly and constructively".

    "Intel has begun providing software and firmware updates to mitigate these exploits," it said.

    [​IMG]
    Analysis by Chris Foxx, technology reporter
    Often when researchers discover a security problem, they share the information with the affected company so the issue can be fixed.

    Typically, both parties agree not to publicise the problem until a fix has been implemented, so that criminals cannot take advantage of the issue.

    This time it looks like somebody jumped the gun and information was leaked before a software fix was ready for distribution.

    Intel said it had planned to share information next week, and several security researchers have tweeted that they have made a secrecy pact with the chip-maker.

    That leaves the company in an uncomfortable situation, with a widely-publicised problem before the fix is ready to go.

    [​IMG]
    Experts have said that the fix could slow down the performance of computers by up to 30% but Intel played this down, saying that "for the average user, performance impacts should not be significant and will be mitigated over time".

    In response to the news, the NCSC said: "We are aware of reports about a potential flaw affecting some computer processors. At this stage there is no evidence of any malicious exploitation and patches are being produced for the major platforms."

    "The NCSC advises that all organisations and home users continue to protect their systems from threats by installing patches as soon as they become available."

    Link: http://www.bbc.com/news/technology-42553818
     
    Mi An, Hook, internetpilot and 3 others like this.
  2. internetpilot

    internetpilot Flying Dog (...duh...)

    Messages:
    2,704
    Likes Received:
    1,183
    Trophy Points:
    288
    I just read a benchmark report on the before/after of Microsoft's fix for this, (I'll try to find it again and post a link) and the performance degradation seems to range from minimal to non-existent. Even areas where it's a rather significant ~20%, it seems to be relatively offset, if not even reversed, with an improvement.

    That's a big "whew" for sure.
     
  3. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    13,517
    Likes Received:
    1,963
    Trophy Points:
    113
    The biggest impact of this, is rendering the devices that aren't computers, but consumer grade connected devices to junk status. iPad Mini 1st gen, stuck on iOS 9.x. Companies still peddle software to manage these, as they're still a viable product for education, software still works... Consumers haven't a clue and are bound to store sensitive information on these.

    I kicked these things out with the wifi exploit, but I know plenty of neighboring districts that have not even flinched over the issues with unsupported devices.

    This makes my head hurt.... so much...
     
    lelisa13p, scjjtt, jigwashere and 3 others like this.
  4. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Messages:
    19,364
    Likes Received:
    11,257
    Trophy Points:
    288
    …and this story *finally* made it to national news tonight (05-Jan-2018)
     
  5. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    13,517
    Likes Received:
    1,963
    Trophy Points:
    113
    And the world looked upon this news with glazed eyes and complete lack of understanding...

    Sent from my Samsung Galaxy Note 8 using Tapatalk
     
  6. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Messages:
    19,364
    Likes Received:
    11,257
    Trophy Points:
    288
    that's the effect of all the pre-Olympics adverts and specials…
     
  7. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Messages:
    19,364
    Likes Received:
    11,257
    Trophy Points:
    288
    scjjtt and lelisa13p like this.
  8. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    13,517
    Likes Received:
    1,963
    Trophy Points:
    113
    scjjtt, lelisa13p and RickAgresta like this.
  9. lelisa13p

    lelisa13p Your Super Moderator Super Moderator

    Messages:
    22,583
    Likes Received:
    4,815
    Trophy Points:
    288
    Okay, having read that linked content, does this mean that I'm lucky that my 2012 laptop (I still haven't set up the new one that arrived the week before Christmas) can't run Windows Update because the HD is too full? My last batch of Win Updates was in late November and a couple on 12/15. This security stuff is a nitemare. And do I tell my Son to avoid Win Updates for the moment (he has a twin to my 2012 laptop)? Both machines run Win 7 Pro.
     
    scjjtt and headcronie like this.
  10. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    13,517
    Likes Received:
    1,963
    Trophy Points:
    113
    Good question. System impacted is 9 yrs old, with an AMD processor. I don't have more specifics, and Microsoft won't even acknowledge there is a problem. Not updating is likely to be suicide as the threat is out in the open. Updating means you risk getting shut down. I dread thinking about surrounding districts that may be impacted by this.

    Sent from my Samsung Galaxy Note 8 using Tapatalk
     
    scjjtt and lelisa13p like this.
Loading...
Similar Threads - Major flaw millions
  1. jigwashere
    Replies:
    18
    Views:
    1,182

Share This Page