Intel Chips Have Memory Access Design Flaw and Fix Could Lead to Performance Drop

[MacRumors]

A serious design flaw and security vulnerability has been discovered in Intel's CPUs that will require an update at the operating system level to fix, reports The Register. All modern computers with Intel chips from the last 10 years appear to be affected, including those running Windows, Linux, and macOS.

Similar operating systems, such as Apple's 64-bit macOS, will also need to be updated - the flaw is in the Intel x86 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or go buy a new processor without the design blunder.

Full details on the vulnerability aren't yet known as the information is currently under embargo until later in the month. The Register has unearthed some data, however, and it seems the bug allows normal user programs to see some of the contents of the protected kernel memory.

This means malicious programs can potentially, in a worst case scenario, read the contents of the kernel memory, which can include information like passwords, login keys, and more. It's not yet clear how severe the bug is, but The Register speculates that it's significant given the rapid changes being made to Windows and Linux.

At worst, the hole could be abused by programs and logged-in users to read the contents of the kernel's memory. Suffice to say, this is not great. The kernel's memory space is hidden from user processes and programs because it may contain all sorts of secrets, such as passwords, login keys, files cached from disk, and so on. Imagine a piece of JavaScript running in a browser, or malicious software running on a shared public cloud server, able to sniff sensitive kernel-protected data.

To fix the bug, the kernel's memory needs to be isolated from user processes using Kernel Page Table Isolation, which could cause a performance hit on some machines. According to The Register, Linux and Windows machines will see a 5 to 30 percent slowdown once the fix is in place.

It's not yet clear how Macs will be impacted, as there is little information available at this time. Software updates are in the works for Linux and Windows, and though not mentioned, Apple is also likely working on a fix for the issue.

Full details on what's known about the vulnerability can be found at The Register, and additional information will be available later this month when complete details on the design flaw are shared.

Article Link: Intel Chips Have Memory Access Design Flaw and Fix Could Lead to Performance Drop

 

[thadoggfather]

what In the hell?

 

[ck2875]

According to The Register, Linux and Windows machines will see a 5 to 30 percent slowdown once the fix is in place. It's not yet clear how Macs will be impacted,

Slowdowns you say? Maybe my MBP will see improved battery life.

 

[macsrcool1234]

time to go AMD or ARM

 

[NT1440]

This is absolutely massive news.

 

[Lucky736]

Oh Intel.......

 

[itsamacthing]

This is surprising news...and how is Intel going to take responsibility? If this was a bad air bag, they would have to replace it?!

 

[HurtinMinorKey]

Literally the hardware blunder of the decade. Wow.

 

[logics8]

This would explain the constant kernels after heavy loads i've been getting.

 

[ZZ Bottom]

That’s why I won’t give up my Pentium III.

 

[ksnell]

So Intel sells a defective product for 10 years, we buy said product with certain advertised specifications which are no longer accurate, and now we are expected to pay the consequences of this without recourse?

What the....

 

[Pentad]

Wow, another Mac security flaw and now this...not a good day...

https://wccftech.com/15-year-old-macos-security-flaw-dumped-online/

 

[jrlcopy]

Heyy intel stock is about to be on sale!

 

[sorgo †]

What else can go wrong? Happy New Year, everyone.

 

[lostngone]

So if don’t mind a little memory leakage can I turn up the amount of memory that is lost and get even more performance?

 

[Jimmy Bubbles]

Yeah, I believe this may be a push for Apple to make the move. They've been getting their practice in with chipsets for iOS devices now for 10+ years. This sucks because i JUST bought the 2017 MBP.

 

[NT1440]

This is surprising news...and how is Intel going to take responsibility? If this was a bad air bag, they would have to replace it?!

If I was a government agency anywhere in the world right now I'd be assembling quite the team of lawyers right now. This is a breathtaking scale of an intelligence collection problem. There's no way the really bleeding edge intelligence services haven't been using this for espionage amongst other nations.

 

[itsamacthing]

That’s why I won’t give up my Pentium III.

486DXII66 here

 

[HurtinMinorKey]

Looks like a belated Christmas surprise for AMD. If they are not affected they this could translate into complete performance dominance in the short term.

 

[koruki]

Intel to offer $29 battery replacements soon

 

[kstotlani]

It’s a great start to the new year

 

[macus3r]

Another feather in Apple's Processor Design Group's hat. News like this will only bolster Apple's efforts to design and fab their own silicon designs, as they've done with the iOS devices.

Expect to see Apple-designed procs in computers within 3-5 years, starting with something like the MacBook Air, or the cheapest MacBook Pro/iMac. They will work up until the entire line of products is sold with their own processor designs.

 

[GhostRaider]

Doesn’t this mean that Intel will lose in lawsuits? A 30% performance hit is really bad for cpu intensive games and applications

 

[PsykX]

Let's prepare some popcorn and see what happens tomorrow morning...
https://web.tmxmoney.com/quote.php?qm_symbol=intc:us
I could understand why Apple is readying crazy fast ARM processors to finally replace these inside their Macs.

 

[cmaier]

I never screwed up a cpu that badly