Upcoming patches for security flaw in Intel processors expected to slow down computers

Windows users whose PCs run on Intel processors can apparently expect their computers to slow down after next Tuesday. In fact, all computers using modern Intel chips – whether they run Windows, Linux or macOS – are expected to suffer a performance hit in the coming days.

The reason for this unwelcome change is a fundamental design flaw discovered in Intel’s processor chips, more specifically in the Intel x86-64 hardware, which will have to be fixed through a change in the software (i.e. at the OS level) and will ultimately impact the responsiveness of the CPUs.

About the security hole

Details about the flaw are still under wraps, but some of the leaked information and a peak into the changes made to the open source Linux kernel’s virtual memory system indicate that it seriously affects the security of the systems running on the flawed Intel’s chips.

“It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas,” The Register reporters explained.

“The fix is to separate the kernel’s memory completely from user processes using what’s called Kernel Page Table Isolation, or KPTI. These KPTI patches move the kernel into a completely separate address space, so it’s not just invisible to a running process, it’s not even there at all. Really, this shouldn’t be needed, but clearly there is a flaw in Intel’s silicon that allows kernel access protections to be bypassed in some way.”

In theory, this vulnerability could be exploited to defeat the kernel address space layout randomization protection (KASLR), allowing malware to place – and later find and make use of – components in the kernel’s virtual memory. Also, it might be possible for malicious programs to read the contents of the kernel’s memory, and thus gain access to passwords and other sensitive data.

The reporters also pointed to an explanation offered by AMD software engineer Tom Lendacky on why AMD processors are not affected by this flaw, and posited that the underlying problem might be in the Intel processors’ use of speculative execution.

Who will be affected?

The necessary patches for the Linux kernel have already been provided, and it is expected that Microsoft will provide them next week, as part of its monthly Patch Tuesday.

To read the original article:

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *