'Major flaw in millions of Intel chips revealed' diff viewer (4/5)

This article is from the source 'bbc' and was first published or seen on January 03, 2018 17:18 (UTC). It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.bbc.co.uk/news/technology-42553818

The article has changed 7 times. There is an RSS feed of changes available.

Previous version 1 2 3 4 5 6 Next version

Version 4	Version 5
Major flaw in millions of Intel chips revealed	Major flaw in millions of Intel chips revealed
2018-01-03 21:05:26 UTC	2018-01-03 21:40:08 UTC (35 minutes later)
A serious flaw in the design of Intel's chips will require Microsoft, Linux and Apple to update operating systems for computers around the world.	A serious flaw in the design of Intel's chips will require Microsoft, Linux and Apple to update operating systems for computers around the world.
~~~~Intel~~ ~~has~~ ~~not~~ ~~yet~~ ~~released~~ ~~the~~ ~~details~~ of ~~the~~ ~~vulnerability,~~ ~~but~~ it is believed to affect chips in millions of computers from the last decade.~~	It is believed to affect chips in millions of computers from the last decade.
The UK's National Cyber Security Centre (NCSC) said it was aware of the issue and that patches were being produced.	The UK's National Cyber Security Centre (NCSC) said it was aware of the issue and that patches were being produced.
~~Some~~ ~~experts~~ said a ~~software~~ ~~fix~~ ~~could~~ ~~slow~~ ~~down~~ ~~computers.~~	In response, Intel said the issue was not limited to its processors and that it was working on a fix.
~~"We~~ ~~are~~ ~~aware~~ of ~~reports~~ ~~about~~ a ~~potential~~ ~~flaw~~ ~~affecting~~ ~~some~~ ~~computer~~ ~~processors.~~ At ~~this~~ ~~stage~~ ~~there~~ is no ~~evidence~~ of ~~any~~ ~~malicious~~ ~~exploitation~~ and ~~patches~~ are ~~being~~ ~~produced~~ ~~for~~ ~~the~~ ~~major~~ ~~platforms,"~~ ~~the~~ ~~NCSC~~ said in a statement.	"Based on analysis to date, many types of computing devices - with many different vendors' processors and operating systems - are susceptible to these exploits," it said in a statement.
	It said it was working to "develop an industry-wide approach to resolve this issue promptly and constructively".
	"Intel has begun providing software and firmware updates to mitigate these exploits," it said.
	Analysis by Chris Foxx, technology reporter
	Often when researchers discover a security problem, they share the information with the affected company so the issue can be fixed.
	Typically, both parties agree not to publicise the problem until a fix has been implemented, so that criminals cannot take advantage of the issue.
	This time it looks like somebody jumped the gun and information was leaked before a software fix was ready for distribution.
	Intel said it had planned to share information next week, and several security researchers have tweeted that they have made a secrecy pact with the chip-maker.
	That leaves the company in an uncomfortable situation, with a widely-publicised problem before the fix is ready to go.
	Experts have said that the fix could slow down the performance of computers by up to 30% but Intel played this down, saying that "for the average user, performance impacts should not be significant and will be mitigated over time".
	In response to the news, the NCSC said: "We are aware of reports about a potential flaw affecting some computer processors. At this stage there is no evidence of any malicious exploitation and patches are being produced for the major platforms."
"The NCSC advises that all organisations and home users continue to protect their systems from threats by installing patches as soon as they become available."	"The NCSC advises that all organisations and home users continue to protect their systems from threats by installing patches as soon as they become available."
The ~~bug~~ ~~could~~ ~~allow~~ ~~malicious~~ ~~programs~~ to ~~read~~ ~~the~~ ~~contents~~ of the ~~so-called~~ ~~kernel~~ ~~memory~~ of ~~computers,~~ ~~which~~ ~~can~~ ~~include~~ ~~passwords~~ ~~and~~ ~~login~~ ~~keys.~~	The flaw is also likely to affect major cloud computing platforms such as Amazon, Microsoft Azure and Google, according to The Register, which broke news of the bug.
~~It is also likely to affect major cloud computing platforms such as Amazon, Microsoft Azure and Google, according to The Register, which broke news of the flaw.~~
The effects of the updates to Linux and Windows could incur a performance slowdown of between five and 30 percent, experts said. It would involve separating the so-called kernel memory from other processes.
Shares in Intel were down almost 6% in US trading after the issue was revealed.	Shares in Intel were down almost 6% in US trading after the issue was revealed.
Experts advised caution on the issue.	Experts advised caution on the issue.
"It is significant but whether it will be exploited widely is another matter," said Prof Alan Woodward, from the University of Surrey.	"It is significant but whether it will be exploited widely is another matter," said Prof Alan Woodward, from the University of Surrey.
"The actual flaw is being rather tightly kept under wraps but from what researchers have gleaned themselves, it's all to do with a flaw in the way certain Intel CPUs address certain types of memory.	"The actual flaw is being rather tightly kept under wraps but from what researchers have gleaned themselves, it's all to do with a flaw in the way certain Intel CPUs address certain types of memory.
"If it is really bad then it may allow an exploit to read parts of the computer memory that should never be reached."	"If it is really bad then it may allow an exploit to read parts of the computer memory that should never be reached."
~~Intel did not respond to requests for comment.~~
~~Rival AMD told The Register that its chips were not affected.~~

Previous version 1 2 3 4 5 6 Next version