Tech companies respond to processors with major cybersecurity flaws

950
Intel processor memory leak bug
Researchers found that Intel processors were vulnerable to the 'Meltdown' bug, photo by Krzysztof Burghardt via Wikimedia commons

Major technology companies are desperate to fix some serious flaws in the security of computer processors built by chipmakers such as Intel. These processors are found in mobile phones and computers around the world and could jeopardise the cybersecurity of millions of users.

Two hardware bugs were discovered on the chipsets that essentially enable the memory of a computer to be leaked. This type of leak could reveal people’s stored passwords as well as sensitive data such as photos, instant messages and emails.

Google’s Project Zero and several academic institutions discovered the problem last year and have publicly disclosed it this week.

There is not yet any evidence that hackers have taken advantage of these bugs but tech companies are still rushing to patch vulnerabilities in their software to prevent these bugs affecting their customers. Although one of these bugs can be patched to protect against hacking, researches have stated the other bug will be harder to avoid.

Intel finds itself in the middle of this problem as they are the world’s largest supplier of processors used in today’s personal computers. Researches have said that one of the two bugs has been affecting almost every Intel processor since the mid 90’s.

The security flaw is not directly the fault of Intel, but the fault of processor design in general. These two flaws are inherent to modern computing platforms and have simply been overlooked for decades.

Both Google and Intel had discovered the vulnerabilities last June but were not going to disclose them until solutions were created. This is typically common practise so as to avoid publicising the flaw for hackers to exploit.

However, Intel was forced to reveal the issues this weekend when a British technology website reported it which consequently caused Intel’s stock price to take a hit.

Intel reported that most of the fixes coming will address the Meltdown bug, which is considered easier to fix. The Spectre bug is however much harder to fix but allegedly harder for hackers to exploit making it less of a threat for the average consumer.

These problems are not just limited to Intel products, with AMD and ARM processors also being at risk. AMD chips are similar to Intel ones and are found in most personal computers, ARM chips however are move common in mobile phones and small products attached to cars or appliances.

Researches revealed that the easier to fix Meltdown bug was mainly limited to Intel produced processors while the more serious Spectre bug was exploitable in all processors.

AMD has said that there is almost a “zero risk” to its processors because of the fact its chips are designed differently. The ARM design is commonly used in iPhones but Apple did not respond to questions about its devices being potentially affected by the bugs.