Intel Processor security bug
A flaw in the Intel processors architecture has opened up a vulnerability called “Meltdown” in the memory access of a computer. If that was not bad enough this bug could be present on CPUs made over the last 10 years! Normally the operating system controls all access to memory and programs and apps running on the OS have to go through the OS in order to access memory. In this way, the OS can protect and control who has access to what. But this Intel security bug lets programs and apps bypass this protection in order to see into protected memory space. This can lead to programs being able to access stuff like passwords, security keys and anything else that should be protected.
Fixing the Intel security bug in software.
Unfortunately, you can’t just send out a patch for a hardware problem. But operating system developers have been working on ways to patch this in software by separating the kernel’s memory away from user processes but there may be a downside to this. Programmers are reporting performance slowdowns after the patch. Depending on the type of work I have heard up to a 30% slowdown.
At this time there only seems to be Linux patches for the vulnerability. But Microsoft has already been working on separating the NT kernel memory in Windows 10. This was first seen in beta builds of Windows 10 in November, so I bet a patch will be out very soon now that the flaw has been made public.
AMD does not have this vulnerability
Update: another similar bug called specter takes advantage of basically the same vulnerability on AMD and ARM processers.
The good news, at least for AMD, is that the AMD processors are not affected by the “Meltdown” vulnerability. So if there is any kind of software slowdowns to fix this then AMD should be immune to that. This could also be a big boost to AMD who has been trailing behind Intel for years. AMD stocks have already started to rise as a result of this news.
Of course, there is always the chance that OS developers will not make exceptions for AMD CPUs and that everyone will get slower with the fix.
So far gaming performance is not affected by the fix. Of course, this is all Linux testing at this point since we do not have a public fix for other operating systems yet.
What can you do?
Not much at this point. Just make sure your operating system has the latest updates. Then we just wait to see how this all plays out.
There is another bug called Spectre that also hits AMD and ARM but it is harder to pull off. The attack takes advantage of the way processors work. A feature called speculative execution that has been used by most CPUs since 1995. So there is no easy solution and it will take a whole new generation of hardware to fix.
Looks like the Microsoft fix is killing some AMD powered computers. On top of that, the patch is not creating a restore point. And of course, there is no way to turn off windows updates until Microsoft figures this out. This is the very reason why not being about to control windows updates sucks.
The Intel patch is being plagued by reboot problems. But they are close to identifying the problem’s root issue.
Bruce Schneier is an internationally renowned security technologist and he made a post called The Effects of the Spectre and Meltdown Vulnerabilities that goes into a lot of details.