Computer Running Slow? Intel Processor Security Bug Patch Could Slow Machines
Update 1/3 4:00 p.m. ET: Intel issued a response Wednesday to reports its processors contained security flaws by stating that, in the company's research, the flaws are not limited to only Intel devices. "Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits," the company said. Intel also said that it believes the security bugs do not have the potential to corrupt, modify or delete data.
For more than a decade, computer processors made by Intel contained a major security flaw that could allow malicious programs to gain access to vital and protected parts of a machine’s kernel memory, the Register reported.
The issue has been kept under wraps for months as programmers have worked to fix the flaw before it could be exploited by attackers—though the solution to the security problem could result in slower performance.
According to the Register, the specific bug plaguing Intel chips deals with the way apps and programs can view the contents of a machine’s kernel memory. The Kernel is a central part of a machine’s operating system that is in charge of managing operations of the computer and hardware, including memory and CPU usage.
By exploiting the flaw in Intel processors, an attacker could create an application that could bypass standard protections and read the contents of the kernel memory. Doing so could expose vital information including security keys, passwords and sensitive files.
Software and hardware vendors have been aware of the issue for months, well before it was made public, and have been working on a fix for both Windows and Linux operating systems that will patch the security flaw. Because of the prominence of Intel products and the more than 10 year time frame that the flaw has been present for, millions of machines—including many old PCs—will require an update.
Getting people to update their machine is often a struggle, even when it is vital to their security. Last year, Microsoft put out a patch months before the start of the WannaCry ransomware campaign. Those who installed the patch were safe from the attack, but many people didn’t update in time and more than one million machines were infected in a matter of days.
It has also been reported that the fix for the security flaw—which will separate the kernel’s memory away from user processes—could result in slower performance in the patched machines.
Some programmers have reported the patch has slowed processor speeds by between five and 30 percent, depending on which model of Intel processor is being used. That slow down could also present hurdles in getting people to update their machines, as many will choose better performance over security.
It should be noted that the results are based primarily on patches for Linux machines with Intel chips, as it is the only operating system that has made available a fix for the flaw. Windows and Mac patches have not yet been made available.
While no one benefits from a security flaw affecting millions of machines—other than potentially the attackers who would like to exploit that flaw—Intel rival AMD has seen its stock price rally following the announcement of the Intel issue.
The company confirmed its processors are not affected by the bug and can’t be subjected to similar attacks as what the Intel flaw allows. “AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against,” Tom Lendacky, an AMD engineer said.
© Copyright IBTimes 2024. All rights reserved.