Update: Intel has issued a response to reports of a critical flaw in its CPUs, saying the issue is not "unique" to its processors and that it is working with AMD and ARM to find a solution.
Intel's statement also shot down claims that patching the flaw could lead to PC performance slow down by up to 30%, saying that, "Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time."
Intel urges users to check with their OS vendor or system manufacturer and apply updates as they arrive. Google and Microsoft are already tackling the issue, with Microsoft issuing a patch that should automatically update for Windows 10 users.
Original article continues below...
A major bug in Intel’s processors can’t be fixed via a firmware update, and will require an operating system patch across Windows, Linux and macOS platforms – and the bad news is that this software patch could slow down PCs potentially by up to 30%.
There are multiple caveats when it comes to that scary looking percentage figure, which we’ll discuss momentarily, but there’s no doubting that this is a huge blunder by Intel.
The Register (opens in new tab) reports that the design flaw seemingly affects all modern Intel CPUs – those produced in the last decade or so – and it gives applications the potential ability to spy inside some protected kernel memory data.
That memory space should be completely inaccessible, because it could contain elements like login or password details, or other security-shaking bits and pieces. The exact details of the flaw haven’t been made clear to avoid giving out any more details than necessary.
What is clear is that this must be fixed as soon as possible, with operating system kernels needing to be redesigned in order to completely separate the kernel’s memory from any user processes and programs. The problem with doing so is that this will trigger some slowdown in the CPU’s operation, and that’s where things get tricky.
Depending on what particular task is being tackled, and the exact processor model involved, early benchmarks show that the software patch could trigger anything from a 5% up to a 30% slowdown on PCs.
There’s a good deal of variance here, then, and as PC Gamer (opens in new tab) notes, the kernel patch probably won’t affect the average consumer using a PC so much, and isn’t likely to seriously hurt gaming and the smoothness of your frame rates. It may not even have much noticeable impact at all on the average system – enterprise users and cloud computing are more likely to be hit harder by performance slowdowns.
That said, everything at this point is pretty much speculation, so we’ll only really know when the updates are rolled out. And that’s a slightly worrying prospect, of course.
Aside from applying the relevant patch, the only other solution is to buy a brand-new processor which isn’t blighted by the bug now Intel has ironed it out – not exactly a practical prospect for most folks (unless you were mulling over pulling the trigger on a CPU upgrade anyway).
Microsoft is planning to deploy its update for Windows on a Patch Tuesday in the near future, while Linux developers are also beavering away on a fix. Meanwhile, the 64-bit version of macOS will also need to be updated with a fix, and presumably Apple is busy preparing that as we type.
Major cloud computing services such as Amazon EC2 and Microsoft Azure are affected, too, and these will also require maintenance and fixes.
This is all very bad news for Intel, as if the company hadn’t suffered badly enough on the security front last year, when several worrying (long-standing) security flaws came to light.
We've contacted Intel for a comment on this issue and will update the story when we hear more.
- We discuss who wins in the AMD vs Intel war of the CPUs