Google Project Zero researchers are constantly poking at operating systems and applications for zero day flaws that could leave them open to attack by hackers. This time, they found a weakness in Intel processors that potentially gives cyberattackers unauthorized access to sensitive user data.
Intel just a short while ago responded to the findings, stating that media reports were inaccurate, and that the exploit was present in many types of computing devices, even those that don’t run on Intel processors.
Things moved fast as Microsoft, Intel, Google and other tech majors issued statements reassuring their users that the issue was being handled. Microsoft stated that it released a security update to fix the problem on machines running both Intel and other processors, while Amazon issued a statement saying the majority of its affected servers were now protected.
The world is not new to cyberattacks targeting operating systems or software flaws, but microprocessor flaws are more severe because they don’t often have fixes that can be quickly put together and patched into them.
For its part, Intel says that its products are the most secure in the world, but the company’s stock continues to remain under pressure from the bad news.
In China, Alibaba and Tencent scrambled to announce system updates, but did not report any security incidents.
The flaw itself is not exactly a bug, as stated by Intel. It’s essentially a normal process where queueing up tasks for the processor leads to a situation where data is more easily accessible to an attacker. In fact, this industry-wide practice allows systems to run much faster.
The problem is, the fix to the issue could slow down some systems. According to one expert, a 25% to 30% slowdown in performance would be a worst-case scenario.
Nevertheless, security teams at the world’s biggest technology companies remain on high alert while the issues are completely resolved.
+++ + +++