'Rush to fix 'serious' computer chip flaws' diff viewer (4/5)

This article is from the source 'bbc' and was first published or seen on January 04, 2018 00:30 (UTC). It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.bbc.co.uk/news/technology-42561169

The article has changed 13 times. There is an RSS feed of changes available.

Previous version 1 2 3 4 5 6 7 8 9 10 11 12 Next version

Previous version 1 2 3 4 5 6 7 8 9 10 11 12 Next version

Version 4	Version 5
Rush to fix 'serious' computer chip flaws	Rush to fix 'serious' computer chip flaws
2018-01-04 06:40:15 UTC	2018-01-04 09:35:28 UTC (about 3 hours later)
~~Tech firms are working to fix bugs that could allow hackers to steal personal data from computer systems.~~	Tech firms are working to fix two bugs that could allow hackers to steal personal data from computer systems.
~~Google researchers said ~~there~~ ~~were~~ "serious security ~~flaws"~~ in chips made by Intel, AMD and ~~ARM,~~ ~~affecting~~ ~~devices~~ ~~which~~ ~~use~~ ~~them.~~~~	Google researchers said one of the "serious security flaws", dubbed "Spectre", was found in chips made by Intel, AMD and ARM.
	The other, known as "Meltdown" affects Intel-made chips alone.
The industry has been aware of the problem for months and hoped to solve it before details were made public.	The industry has been aware of the problem for months and hoped to solve it before details were made public.
The UK's National Cyber Security Centre (NCSC) said there was no evidence that the vulnerability had been exploited.	The UK's National Cyber Security Centre (NCSC) said there was no evidence that the vulnerability had been exploited.
~~Some~~ ~~fixes,~~ in the ~~form~~ of ~~things~~ ~~like~~ ~~software~~ ~~updates,~~ ~~have~~ ~~been~~ ~~introduced~~ or ~~will~~ be ~~available~~ in the ~~next~~ ~~few~~ ~~days,~~ ~~said~~ ~~Intel,~~ ~~which~~ ~~provides~~ chips to ~~about~~ ~~80%~~ of ~~desktop~~ ~~computers~~ ~~and~~ ~~90%~~ of ~~laptops~~ ~~worldwide.~~	According to the researchers who found the bugs, chips dating as far back as 1995 have been affected.
	Some fixes, in the form of software updates, have been introduced or will be available in the next few days, said Intel, which provides chips to about 80% of desktop computers and 90% of laptops worldwide.
Computer chip scare: What you need to know	Computer chip scare: What you need to know
Analysis by Chris Foxx, BBC Technology reporter	Analysis by Chris Foxx, BBC Technology reporter
Often when researchers discover a security problem, they share the information with the affected company so the issue can be fixed.	Often when researchers discover a security problem, they share the information with the affected company so the issue can be fixed.
Typically, both parties agree not to publicise the problem until a fix has been implemented, so that criminals cannot take advantage of the issue.	Typically, both parties agree not to publicise the problem until a fix has been implemented, so that criminals cannot take advantage of the issue.
This time it looks like somebody jumped the gun and information was leaked before a software fix was ready for distribution.	This time it looks like somebody jumped the gun and information was leaked before a software fix was ready for distribution.
Intel said it had planned to share information next week, and several security researchers have tweeted that they have made a secrecy pact with the chip-maker.	Intel said it had planned to share information next week, and several security researchers have tweeted that they have made a secrecy pact with the chip-maker.
~~That leaves the company in an uncomfortable situation, with a widely-publicised problem before the fix is ready to go.~~	That leaves the company in an uncomfortable situation, with a widely-publicised problem made public before the fix is ready to go.
Microchips are the basic electronic systems behind many devices such as computers and mobile phones.	Microchips are the basic electronic systems behind many devices such as computers and mobile phones.
~~The ~~issue~~ ~~was~~ ~~originally~~ ~~linked~~ to a ~~flaw~~ ~~only~~ in ~~Intel's~~ ~~chips,~~ but ~~the~~ ~~firm~~ ~~said~~ ~~this~~ ~~was~~ ~~"incorrect".~~~~	The first reports suggested that a bug affected solely chips made by Intel, but it has since emerged that a separate flaw, Spectre, has been found in Intel, ARM and AMD chips.
"Many types of computing devices - with many different vendors' processors and operating systems - are susceptible to these exploits," said Intel.	"Many types of computing devices - with many different vendors' processors and operating systems - are susceptible to these exploits," said Intel.
~~ARM said patches had already been shared with its customers, which include many smartphone manufacturers.~~	ARM said patches had already been shared with its customers, which include many smartphone manufacturers.
~~AMD said it believed there was "near zero risk to AMD products at this ~~time."~~~~	AMD said it believed there was "near zero risk to AMD products at this time".
Security updates	Security updates
On a conference call for investors, Intel said researchers had shown that hackers could exploit vulnerabilities, gaining the ability to read memory and potentially access information such as passwords or encryption keys on devices.	On a conference call for investors, Intel said researchers had shown that hackers could exploit vulnerabilities, gaining the ability to read memory and potentially access information such as passwords or encryption keys on devices.
Microsoft, which uses Intel chips said it would roll out security updates on Thursday, adding it had no information suggesting any compromised data.	Microsoft, which uses Intel chips said it would roll out security updates on Thursday, adding it had no information suggesting any compromised data.
Apple is working on updates for its laptops and desktops.	Apple is working on updates for its laptops and desktops.
Google published a blog detailing what some customers may need to do. It said Android phones with the latest security updates were protected, and that Gmail was safe. It will be releasing security patches for users of older Chromebooks, while there will also be a fix for users of the Chrome web browser.	Google published a blog detailing what some customers may need to do. It said Android phones with the latest security updates were protected, and that Gmail was safe. It will be releasing security patches for users of older Chromebooks, while there will also be a fix for users of the Chrome web browser.
The NCSC said it was aware of the reports of the potential flaw and advised that all organisations and home users "continue to protect their systems from threats by installing patches as soon as they become available."	The NCSC said it was aware of the reports of the potential flaw and advised that all organisations and home users "continue to protect their systems from threats by installing patches as soon as they become available."
Experts advised caution on the issue.	Experts advised caution on the issue.
"It is significant but whether it will be exploited widely is another matter," said Prof Alan Woodward, from the University of Surrey.	"It is significant but whether it will be exploited widely is another matter," said Prof Alan Woodward, from the University of Surrey.