Intel Says to Stop Applying Problematic Spectre, Meltdown Patch

Linus Torvalds and many others have come out in protest against the hasty and often flawed patching approach to the Meltdown and Spectre vulnerabilities.  It is good to see Intel pumping the breaks on this process and taking a closer look at the architectural needs associated with the correction of this flaw.

https://www.darkreading.com/vulnerabilities—threats/intel-says-to-stop-applying-problematic-spectre-meltdown-patch-/d/d-id/1330871

CPU Vulnerabilities – New Articles and Updates

More information came to light yesterday evening and overnight concerning the reported flaws in Intel and other processors.  I am including numerous links to multiple sources, but some of the key updates include:

  • There are actually two architectural vulnerabilities in play – Meltdown and Spectre
  • This is more than an Intel problem – AMD and ARM chips are also affected to various degrees
  • Microsoft has released an emergency out-of-band patch overnight that begins to address some of the vulnerabilities
  • There are still many unknowns as to the extent of impact that will come from patching and/or rearchitecting OS/chipset interactions

https://www.infosecurity-magazine.com/news/major-chip-flaws-confirmed/

https://www.darkreading.com/endpoint/critical-microprocessor-flaws-affect-nearly-every-machine/d/d-id/1330745

https://www.infosecurity-magazine.com/news/intel-flaw-performance-degradation/

https://threatpost.com/intel-in-security-hot-seat-over-serious-cpu-design-flaw/129289/

https://www.schneier.com/blog/archives/2018/01/spectre_and_mel.html

Report: All Intel Processors Made in the Last Decade Might Have a Massive Security Flaw

This has the potential to be hugely impactful for computer users across all industry segments and spectrums.  The threat of compromise aside, any fix that has the potential to degrade processing power by up to 30% is significant and will be felt worldwide.

https://thehackernews.com/2018/01/intel-kernel-vulnerability.html

https://gizmodo-com.cdn.ampproject.org/c/s/gizmodo.com/report-all-intel-processors-made-in-the-last-decade-mi-1821728240/amp