The scramble to harden a broad array of devices comes after researchers found two significant vulnerabilities within modern computing hardware, one of which can not be fully resolved as of yet. The Redmond giant released yesterday an emergency update with kernel fixes to protect Windows users from the security flaw, highlighting that the security exploit is serious but hasn't been actually used for now. Apple has confirmed all its Mac systems and iOS devices are affected.
Researchers at Google's Project Zero, academic institutions and private companies published their findings on the vulnerabilities on Wednesday.
The flaws were discovered by several teams, working independently. The material defect also lets hackers use code running in a browser to access memory in the attacker's process, potentially exposing customers' passwords and personal information. Spectre, the broader bug that applies to almost all computing devices, is harder for hackers to take advantage of but less easily patched and will be a bigger problem in the long term, he said. According to Google, it is possible to prevent specific known exploits based on Spectre through software patches. In the meantime, criminal actors and nation states could further develop the Spectre vulnerability, making attacks easier to execute.
Major security flaws put virtually all phones & computers at risk
With regards to the performance impact of the fixes for these vulnerabilities, again Intel is citing what it believes are exaggerated reports. In a statement to CNBC, AMD explained the difference in architecture between Intel and AMD chipset puts AMD at "zero risks". "Intel is committed to responsible disclosure".
"While on some discrete workloads the performance impact from the software updates may initially be higher, additional post-deployment identification, testing and improvement of the software updates should mitigate that impact".More news: Warm weather could cause ice jams
Desktops, laptops, cloud servers, and smartphones are affected by one or both vulnerabilities, the researchers warn.
The revelations "attack the foundational modern computer building block capability that enforces protection of the (operating system)", said Steve Grobman, chief technology officer at security firm McAfee. The most important action users can take right now is to make sure they are current on any software updates, said Ghosemajumder.More news: 'Animaniacs' Reboot Lands Two-Season Straight-to-Series Order at Hulu
Today will be a crucial test of the market's response to news of a massive security vulnerability that affects chips made by Intel, as well as a separate problem that hits all microprocessors, regardless of manufacturer.
Security tools and protocols are meant to separate individual customers' data, but the recently discovered chip flaws would allow hackers to circumvent these protections.
"In addition, many operating system vendors, public cloud service providers, device manufacturers and others have indicated that they have already updated their products and services", the company said."In addition, many operating system vendors, public cloud service providers, device manufacturers and others have indicated that they have already updated their products and services", the company said.More news: K Sivan is new ISRO chairman