Yesterday, Intel found itself in a bit of a bind after a security flaw went public. The flaw allowed users with modern CPUs on modern operating systems to gain access to the kernel, which opens PCs up to a range of cyber attacks. At the time, it was believed that this was an issue unique to Intel. Today, Intel has responded with its own statement.
Originally, Intel was going to make these findings public next week, after OS makers had a chance to push out some patches to make things secure. However, the news from yesterday forced Intel to bring its announcement forward. According to Intel, reports that these kernel exploits are unique to Intel CPUs are “incorrect and based on analysis, many other computing devices from different vendors are affected”. Intel didn't specifically name any other vendors affected.
“Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.”
The statement goes on to say that Intel is “working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively”.
Initial reports about this issue contained details on potential performance hits for systems due to the additional overhead that would be put in place to resolve this issue. According to Intel “any performance impacts are workload-dependent” and they should “not be significant” to the average computer user. There is also the promise that over time, any performance impact created by the fix will be mitigated.
KitGuru Says: Our report yesterday did come with the proviso that any performance impact would be based on the task your PC is running and your processor model, so it seems that wording still stands. Unfortunately, we don't know what Intel means by ‘the average computer user', but it is probably safe to assume that this will have more of an impact in the data center/enterprise world compared to the gaming world.