Early this month, two security flaws were found in the architecture of chips designed by Intel. This potential breach may affect thousands of devices. Here’s what you need to know about the vulnerabilities.
The two flaws: Meltdown and Spectre
Meltdown is considered the less significant threat and has already been patched in many computers.
The Spectre vulnerability, on the other hand, is more problematic. It involves the foundation of the chips that form the computer’s infrastructure. This means it is likely that the problem can only be fixed by redesigning and replacing affected devices. It also impacts an allegedly secure area of the chip architecture, where information like passwords and encryption keys are stored. If exploited, it can grant hackers unchecked access to this information.
Since the two flaws represent problems in the hardware of the product, and not in the software, they are more difficult to patch. This also means the number of affected devices is astronomical and includes operating systems like Windows, Android, macOS and more.
Can the flaws be fixed?
As mentioned, the Meltdown vulnerability can be amended with a patch. While the patch resolves the vulnerability, it slows down computer systems by a full 30%. Despite this drawback, Intel urges all consumers to use the patch.
Spectre, though, has no known fix. Many experts claim that redesigning computers may not even resolve the flaw, as there is currently no known solution for the problem. It can be many years before computers and chips include fixes for the Spectre flaw.
Have the flaws been exploited?
Fortunately, there have been no known exploits of the flaws thus far.
How has Intel responded to the flaws?
Security researchers have actually known about the flaws for months – and have been working to patch them during that time. In fact, most consumer systems are already patched against Meltdown.
Intel has also made several statements in response to the discovery, though it hasn’t addressed the problem of Spectre and the potential need for a massive redesign of its product.
“Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available,” Intel said.
Intel claims that Spectre and Meltdown patches will be coming to 90% of the company’s affected chips.
Is Intel the only company that has been affected by the discovery?
While Meltdown mostly impacted Intel chips, Spectre has affected other chips, including AMD and ARM processors and IBM’s Power chips.
Fingers continue to point at Intel. The company clearly knew about the problem for a while and failed to let the public know. Critics also claim Intel has not responded to pointed questions about Spectre.
What do I need to do now?
Be sure to apply any updates as they reach the market and keep your antivirus software updated and operating at its strongest level.