Intel rearchitects new CPUs in wake of Spectre flaw
Processor-protecting partitioning. Intel is preparing to release new processors for laptops, desktops and server systems that feature hardware protection against the Spectre and Meltdown information disclosure attacks.
- Просмотров |
Intel is preparing to release new processors for laptops, desktops and server systems that feature hardware protection against the Spectre and Meltdown information disclosure attacks.
The world’s largest producer of processors was forced to issue firmware updates for its existing processors after security researchers found design flaws that could be abused to read data in memory.
Exploiting the flaws could allow attackers to glean confidential information such as log-in credentials.
Mitigations against the three variants of the flaws, dubbed Spectre and Meltdown, have proven problematic for Intel and its hardware and software partners, with system instability and degraded performance being reported by customers with the first lot of updates.
Intel chief executive Brian Krzanich today described the new security measures as “protective walls” or partitioning to prevent information leakage caused by the flaws.
The exact technical details are still under wraps.
“We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both variants 2 [Spectre branch target injection] and 3 [Meltdown rogue cache load],” Krzanich said.
Spectre variant 1 (bounds check bypass) will be continue to be mitigated against through software fixes, Krzanich said.
Intel now says it has released microcode for all its products launched in the past five years that are vulnerable to the side-channel attacks.
Earlier this week, a little-known security firm caused controversy by claiming it had found multiple hardware flaws in Intel rival AMD’s processors, which could be exploited in a similar fashion to Meltdown and Spectre.
The firm, CTS, was sharply criticised for not giving AMD the standard 90 days to respond before public disclosure of the flaws.
Researchers also questioned if the vulnerabilities were as severe as CTS said, given that few technical details were published by the security vendor.
Linux founder Linus Torvalds chimed in to pan the CTS report, saying it was attention-seeking and nothing else.
“It looks like the IT security world has hit a new low,” Torvalds said.