Intel: Meltdown and Spectre Flaws - Computers face global slowdown

  • Thread starter Sarkar
  • Start date
  • Replies: Replies 31
  • Views: Views 4,088

Sarkar

Member
Joined
1 Jun 2013
Messages
11,003
Reaction score
11,366
Certain computer tasks could be up to 50% slower because of a fix for a security flaw discovered in Intel microprocessors.

A design flaw has been discovered in Intel chips that will require major changes to be made to the Windows and Linux kernels. While patches are being worked on -- and in the case of Windows Insiders, have already rolled out -- users of both operating systems can expect to experience something of a performance hit. macOS machines running on Intel chips are also affected.
Intel is -- for the moment -- remaining tight-lipped about the specifics of the flaw that has been unearthed, but it is believed to affect processors produced in the past decade. Developers are currently estimating that systems could experience slow downs of between 5 and 30 percent.

The flaw is in the Intel x86-64 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or go buy a new processor without the design blunder.

Companies which offer large cloud-computing products such as Amazon, Google, and Microsoft may be heavily affected. Amazon and Google were not immediately able to offer comment.

Microsoft's Azure cloud – which runs a lot of Linux as well as Windows – will undergo maintenance and reboots on January 10, presumably to roll out the above fixes.
Amazon Web Services also warned customers via email to expect a major security update to land on Friday this week, without going into details.


Computers face global slowdown due to flaw in Intel chips
Intel chips have a huge security flaw, and the fix will slow down Windows and Linux machines
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
AMD shares surge on report of an Intel chip security flaw
 
Microsoft issues emergency Windows update for processor security bugs

Microsoft is issuing a rare out-of-band security update to supported versions of Windows today. The software update is part of a number of fixes that will protect against a newly-discovered processor bug in Intel, AMD, and ARM chipsets. Sources familiar with Microsoft’s plans tell The Verge that the company will issue a Windows update that will be automatically applied to Windows 10 machines at 5PM ET / 2PM PT today.

The update will also be available for older and supported versions of Windows today, but systems running operating systems like Windows 7 or Windows 8 won’t automatically be updated through Windows Update until next Tuesday. Windows 10 will be automatically updated today.

While Microsoft is quickly addressing the issues, the fixes will also rely on firmware updates from Intel, AMD, or other vendors that are rolling out. Some anti-virus vendors will also need to update their software to work correctly with the new patches, as the changes are related to Kernel-level access.

The firmware updates and software patches could cause some systems to run slower. Sources familiar with the situation tell The Verge that Intel processors that are based on Skylake or newer architecture won’t see a significant performance degradation. However, older processors could slow down more significantly due to the firmware and software updates.

Intel says any slow downs will be “workload-dependent,” but the company has not expanded on how this will affect older machines. Microsoft is also planning to update its cloud-based servers with the latest firmware and software patches, and these updates are rolling out now.

The Verge understands that Google is planning to document and disclose the security flaws in processors at 5PM ET today. The exact bug appears to be related to the way that regular apps and programs can discover the contents of protect kernel memory areas. Kernels in operating systems have complete control over the entire system, and connect applications to the processor, memory, and other hardware inside a computer. There appears to be a flaw in modern processors that let attackers bypass kernel access protections so that regular apps can read the contents of kernel memory.

Software vendors like Microsoft and other Linux programmers are protecting against this by separating the kernel's memory away from user processes in what’s being called “Kernel Page Table Isolation.” Linux patches have been rolling out over the past month, and now Windows patches are being made available today.
 
Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.
Microsoft released an update for windows 10. There isn't any information about slowing down the computer. No update released for computers running Windows 7 (maybe they roll out on Tuesday).
 
I have not checked it, but they says skylake or newer will not see significant slowdown but others will see slowdown. Post 2
I installed the update and I couldn't see any slowdown or if there is any slowdown it's not noticeable.
 
Google Online Security Blog: Today's CPU vulnerability: what you need to know

Google Chrome Browser
Current stable versions of Chrome include an optional feature called Site Isolation which can be enabled to provide mitigation by isolating websites into separate address spaces. Learn more about Site Isolation and how to take action to enable it.

Chrome 64, due to be released on January 23, will contain mitigations to protect against exploitation.

Additional mitigations are planned for future versions of Chrome. Learn more about Chrome's response.

Desktop (all platforms), Chrome 63:

Full Site Isolation can be turned on by enabling a flag found at chrome://flags/#enable-site-per-process.
Enterprise policies are available to turn on Site Isolation for all sites, or just those in a specified list. Learn more about Site Isolation by policy.
Android:

Site Isolation is available in chrome://flags but may have additional functionality and performance issues.
iOS:

Chrome on iOS uses Apple’s WKWebView, so JS compilation mitigations are inherited from Apple.

Product Status - Google Help

Android
Devices with the latest security update are protected. Furthermore, we are unaware of any successful reproduction of this vulnerability that would allow unauthorized information disclosure on ARM-based Android devices.
Supported Nexus and Pixel devices with the latest security update are protected.
Further information is available here.

Product Status - Google Help

https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
 
Last edited:
Back
Top Bottom
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features of our website. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock