'Nearly all' Intel chips have major security flaw

News
By published

Vulnerability affectes nearly all Intel hardware, Bitdefender says.

(Image credit: Shutterstock)

Researchers have warned thatr Intel hardware may have another major security vulnerability, potentially putting millions of devices around the world at risk.

The security team at Bitdefender claim that "every machine" that uses an Intel processor and that runs Windows, Linux or FreeBSD is impacted by the vulnerability, which comes just months after the hugely damaging Spectre and Meltdown scares.

The company says that both enterprise and home users will be affected, as laptops, PCs and servers are all susceptible to the flaw.

Intel flaw

The vulnerability takes advantage of a flaw in Intel's hardware protection to open up a side-channel attack that would give attackers a way in to access all information in the operating system kernel memory. 

It does so by exploiting a feature known as 'speculative execution', which aims to speed up a device's CPU by getting it to make educated guesses as to which instructions might come next. However speculative execution can leave traces in-cache, which attackers can hijack to gain access into systems and the data within.

This new flaw bypasses all protections implemented after the discovery of Spectre and Meltdown in early 2018, meaning it can affect previously patched systems.

(Image credit: Intel)

“Criminals with knowledge of these attacks would have the power to uncover the most vital, best-protected information of both companies and private individuals around the world, and the corresponding power to steal, blackmail, sabotage and spy,” said Gavin Hill, vice president, datacenter and network security products at Bitdefender.

“Research into these attacks is on the cutting edge as it gets to the very roots of how modern CPUs operate and requires a thorough understanding of CPU internals, OS internals, and speculative-execution side-channel attacks in-general.”

Bitdefender says it has worked with Intel to create a fix for the flaw, which is available to download now. 

It added that ecosystem partners such as Microsoft and Linux has also patched the vulnerbaility, but users should ensure their systems are up to date immediately.

Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Security
A graphic showing someone on a tablet working through a supply chain.
Security issue in open source software leaves businesses concerned for systems
ransomware avast
One of the most powerful ransomware hacks around has been cracked using some serious GPU power
person at a computer
Infamous ransomware hackers reveal new tool to brute-force VPNs
person at a computer
Many workers are overconfident at spotting phishing attacks
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
Data Breach
Thousands of healthcare records exposed online, including private patient information
Latest in News
Metroid Prime 4
I reckon the Nintendo Switch 2 could launch with Metroid Prime 4 – here’s why
Samsung Galaxy Z Fold 6
New rumors predict a foldable iPhone will launch next year – and cost almost twice as much as the iPhone 16 Pro Max
Pebble smartwatch countdown
Pebble confirms its smartwatch announcement is just hours away
Logo of YouTube Shorts
Is YouTube auto-playing Shorts when you open the app? Well, you’re not alone - here’s how to fix it
Google DeepMind panel discussion
“More sovereignty and protection” - Google goes all-in on UK AI with data residency, upskilling projects, and startup investments
Nintendo Switch 2
Nintendo Switch 2 expected to have AI upscaling and I can't wait to finally play Tears of the Kingdom with upgraded graphics
More about security
A graphic showing someone on a tablet working through a supply chain.

Security issue in open source software leaves businesses concerned for systems
person at a computer

Infamous ransomware hackers reveal new tool to brute-force VPNs
Samsung Galaxy Z Fold 6

New rumors predict a foldable iPhone will launch next year – and cost almost twice as much as the iPhone 16 Pro Max
See more latest
Most Popular
Samsung Galaxy Z Fold 6
New rumors predict a foldable iPhone will launch next year – and cost almost twice as much as the iPhone 16 Pro Max
Maxtang SXRL-20 mini pc
This fanless PC looks like a giant heatsink and has one incredible feature: five, yes five, 4K-capable HDMI ports
Aoostar G-flip 370
There's no need for a monitor with this Ryzen AI-powered mini PC
The Ryzen AI Max+ 395 could power the latest generation of powerful mini PCs
This prototype mini PC demonstrates a massive leap forward for integrated graphics in a console form factor
Metroid Prime 4
I reckon the Nintendo Switch 2 could launch with Metroid Prime 4 – here’s why
Minisforum AI X1 mini PC
Tiny Mac Mini rival can power four 8K monitors, and is the first mini PC to receive AMD's powerful Ryzen 7 260 APU
AOOSTAR G-FLIP mini PC
AMD powers the world's fastest all-in-one PC, and yes, I've probably overstretched the definition of AIO PC just a tiny bit
26TB WD Red Pro HDD
Western Digital introduces 26TB WD Red Pro HDDs for RAID and NAS systems at a surprisingly low price
Logo of YouTube Shorts
Is YouTube auto-playing Shorts when you open the app? Well, you’re not alone - here’s how to fix it
Samsung HW-Q990D soundbar, subwoofer and rear speakers
Samsung's best Dolby Atmos soundbar is being bricked by a new update – here's what we know so far