Intel Claims Security Flaw Also Impacts Non-Intel Chips, Exploits Can't Corrupt, Modify or Delete Data [Updated]

intelIntel this afternoon addressed reports of a serious design flaw and security vulnerability in its CPUs, shedding additional light on the issue that was uncovered yesterday and has since received extensive media coverage.

In a statement on its website, Intel says that it planned to disclose the vulnerability next week when additional software patches were available, but was forced to make a statement today due to "inaccurate media reports."

According to Intel, the issue is not limited to Intel chips and the exploits in question do not have the potential to corrupt, modify, or delete data. Despite Intel's statement, Intel chips are more heavily impacted, and it's worth noting that Intel makes no mention of reading kernel level data.

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

Recent reports that these exploits are caused by a "bug" or a "flaw" and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices -- with many different vendors' processors and operating systems -- are susceptible to these exploits.

Intel says it is working with several other technology companies including AMD, ARM, and operating system vendors to "develop an industry-wide approach" to resolve the problem "promptly and constructively."

As outlined yesterday, the design flaw appears to allow normal user programs to see some of the contents of the protected kernel memory, potentially giving hackers and malicious programs access to sensitive information like passwords, login keys, and more. Fixing the issue involves isolating the kernel's memory from user processes using Kernel Page Table Isolation at the OS level.

Despite reports suggesting software fixes for the vulnerability could cause slowdowns of 5 to 30 percent on some machines, Intel claims performance impacts are workload-dependent and will not be noticeable to the average computer user.

Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

Intel goes on to say that it believes its products are "the most secure in the world" and that the current fixes in the works provide the "best possible security" for its customers. Intel recommends that users install operating system updates as soon as they are available.

For Mac users, Apple has already addressed the design flaw in macOS 10.13.2, which was released to the public on December 6.

Update: Security researchers have now shared details about two separate critical vulnerabilities impacting most Intel processors and some ARM processors. Called Meltdown and Spectre, the vulnerabilities offer hackers access to data from the memory of running apps, providing passwords, emails, documents, photos, and more.

"Almost every system" since 1995 is impacted according to ZDNet, including computers and smartphones. Meltdown can read the entire physical memory of the target machine, while Spectre is able to break the isolation between different apps. Meltdown, an easy-to-use exploit, affects only Intel chips and can be addressed by a security patch, which could result in some performance issues. Spectre impacts all processors, including those from ARM and AMD, and while it is harder to exploit, there is no known fix. Fully addressing Spectre will require a re-architecture of how processors are designed.

It's not known if hackers have exploited Meltdown and Spectre as of yet, but there are proof-of-concept examples out in the wild. Google's Project Zero team had a hand in unearthing the vulnerabilities and Google has also shared details on the exploits. Full research papers on Meltdown and Spectre are available here.

Update 2: ARM and AMD have both issued statements following Intel's press release. AMD says there is a "near zero risk" to AMD processors at this time, while ARM says its processors are vulnerable.

From AMD:

There is a lot of speculation today regarding a potential security issue related to modern microprocessors and speculative execution. As we typically do when a potential security issue is identified, AMD has been working across our ecosystem to evaluate and respond to the speculative execution attack identified by a security research team to ensure our users are protected.

To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time. We expect the security research to be published later today and will provide further updates at that time.

From ARM:

I can confirm that ARM have been working together with Intel and AMD to address a side-channel analysis method which exploits speculative execution techniques used in certain high-end processors, including some of our Cortex-A processors. This method requires malware running locally and could result in data being accessed from privileged memory. Please note our Cortex-M processors, which are pervasive in low-power, connected IoT devices, are not impacted.

We are in the process of informing our silicon partners and encouraging them to implement the software mitigations developed if their chips are impacted.

Popular Stories

iPhone 17 Pro 34ths Perspective

iPhone 17 Pro Launching Later This Year With These 10 New Features

Sunday March 23, 2025 10:00 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of March 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...
Generic iOS 18

iOS 18.4 Coming Soon With These New Features for Your iPhone

Tuesday March 25, 2025 6:45 am PDT by
Apple is expected to release iOS 18.4 to the general public as soon as next week, following more than a month of beta testing. Apple's website says some iOS 18.4 features will be released in "early April," so the update should be out as early as Tuesday, April 1. Apple this week seeded the iOS 18.4 Release Candidate, which is typically the final beta version, barring the discovery of any...
ios 19 messages app

Here's What Apple's iOS 19 Messages App Might Look Like

Tuesday March 25, 2025 11:52 am PDT by
Leaker Jon Prosser today shared a mockup of what he says the Messages app will look like in iOS 19, demoing an interface with rounded, translucent bubble-shaped navigation buttons at the top and softer, rounder corners for the keyboard and word suggestions. Jon Prosser's Messages app mockup The return button, a button for going back to the Messages list, and the FaceTime button have a deeper...
iCloud General Feature Redux

iPhone Users Who Pay for iCloud Storage Receive a New Perk

Thursday March 20, 2025 12:01 am PDT by
If you pay for iCloud storage on your iPhone, Apple has a new perk for you, at no additional cost. The new perk is the ability to create invitations in the Apple Invites app for the iPhone, which launched in the App Store last month. In the Apple Invites app, iCloud+ subscribers can create invitations for any occasion, such as birthday parties, graduations, baby showers, and more. Anyone ...
macbook pro blue green

When Will Apple Release the M5 MacBook Pro?

Wednesday March 26, 2025 4:53 pm PDT by
Apple regularly refreshes the MacBook Pro models, and a new version that uses M5 series chips is in the works. Apple just finished refreshing most of the Mac lineup with M4 chips, and now it's time for the M5. Rumors suggest that we could see the first M5 MacBook Pro models this fall. Design There have been no rumors of a design update for the M5 MacBook Pro models that are coming this...
airpods max 2024 colors

Don't Buy Into Apple's Hype About AirPods Max Gaining Lossless Audio

Monday March 24, 2025 4:24 pm PDT by
Apple today announced that AirPods Max with a USB-C port will be gaining support for lossless audio and ultra-low latency audio with a firmware update next month, alongside the release of iOS 18.4, iPadOS 18.4, and macOS 15.4. For context, audio files are typically compressed to keep file sizes smaller. There are lossy compression standards like MP3 and AAC (Advanced Audio Codec), which...
Apple Lumon Terminal Pro

Apple's Mac Site Features Fictional 'Lumon Terminal Pro'

Wednesday March 26, 2025 12:19 pm PDT by
Apple is going all out with promotions for the popular Severance Apple TV+ show today, and as of right now, you'll find a new "Lumon Terminal Pro" listed on Apple's Mac site. The Lumon Terminal Pro is designed to look similar to the machines that Severance employees like Mark S. and Helly R. use for macrodata refinement. The Terminal features a blue keyboard, a small display with wide...
Facebook Feature

Facebook's New iPhone App Feature Turns the Clock Back to 2007

Thursday March 27, 2025 1:59 pm PDT by
In the mid-to-late 2000s, Facebook was all about staying connected with friends and family. However, as the social media platform added new features and grew over time, that core experience began to get drowned out. That changes starting now, according to Meta, which today introduced a new feature that will "bring back the joy" of classic Facebook. Specifically, Meta has redesigned the...

Top Rated Comments

timeconsumer Avatar
94 months ago
I wonder how long Intel has known about this flaw.
Apparently the CEO sold a lot of his stock on Nov 29th and kept the bare minimum amount.

https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx
Score: 26 Votes (Like | Disagree)
Apple_Robert Avatar
94 months ago
I wonder how long Intel has known about this flaw.
Score: 26 Votes (Like | Disagree)
velocityg4 Avatar
94 months ago
No... after this, I doubt Intel on security, and from what I gather, this stretches all the way back to the Pentium Pro.

Also, I don't care if it modifies, writes or deletes... the most improtant thing the bug allows reading
At least those running DOS 6 and Windows 3.1 on a 486 are safe.
Score: 24 Votes (Like | Disagree)
kevinthebright Avatar
94 months ago
Shading AMD is just another Intel cheap shot. That company has problems.
Score: 21 Votes (Like | Disagree)
jav6454 Avatar
94 months ago
No... after this, I doubt Intel on security, and from what I gather, this stretches all the way back to the Pentium Pro.

Also, I don't care if it modifies, writes or deletes... the most improtant thing the bug allows reading
Score: 18 Votes (Like | Disagree)
longofest Avatar
94 months ago
I wonder how long Intel has known about this flaw.
I actually kind of doubt they knew about it. While AMD is not affected, it does look like ARM chips are affected. This flaw has potentially been around since Pentium Pro. If Intel knew about it, they'd have quietly fixed it rather than letting it go. I think this is just a really, really good find by the researchers.
Score: 17 Votes (Like | Disagree)