Intel rules out flaw in its chips as Meltdown and Spectre spook the world

4 Jan 2018914 Views

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Image: Dan74/Shutterstock

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Intel says that claims Meltdown or Spectre are due to flaws or bugs on processors are incorrect.

Chip giant Intel has dismissed suggestions that the Meltdown and Spectre exploits represent bugs or flaws in its chips, and said that other manufacturers are equally susceptible to the vulnerabilities.

The world awoke today to a terrifying reality that virtually all phones and computers in the world are potentially at risk because of security vulnerabilities that exist on chips manufactured in the last 10 years.

‘Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect’
– INTEL

Discovered by Google’s Project Zero team last June, the tech industry was due to provide a jointly coordinated response to the exploits on 9 January, but now the issue is out in the open. Security researchers warn that the industry is in a race against time before hackers figure out how to exploit the vulnerabilities.

Meltdown concerns laptops, desktop computers and internet servers that have Intel chips, and allows a rogue program to access the memory and other secrets of programs and the operating system contained in the central processing unit (CPU).

Spectre is an exploit that breaks the isolation between different applications on chips from Intel, AMD and ARM, and potentially allows hackers to ‘trick’ error-free programs that normally follow best practices into ‘leaking’ their secrets.

IDC estimated that there are 1.5bn PCs in use around the world today, out of which 90pc are powered by Intel processors.

Intel said it is working with AMD and ARM as well as operating system-makers to develop an industry-wide approach to resolving the issue. Microsoft and Linux Foundation are working on patches to fix the vulnerabilities while Apple has yet to make a statement on the matter.

Average computer user won’t be affected, says Intel

In a statement, Intel said that the exploits surfaced through security research and, while they have the potential to gather sensitive data, the company does not believe these exploits have the potential to corrupt, modify or delete data.

‘Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time’
– INTEL

“Recent reports that these exploits are caused by a ‘bug’ or a ‘flaw’ and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices – with many different vendors’ processors and operating systems – are susceptible to these exploits.

“Intel is committed to product and customer security, and is working closely with many other technology companies – including AMD, ARM Holdings and several operating system vendors – to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits.

“Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”

The electronics giant urged consumers and businesses to check with operating system vendors and device manufacturers for updates.

“Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

“Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.”

Editor John Kennedy is an award-winning technology journalist.

editorial@siliconrepublic.com