New reports have surfaced suggesting that there might be a major security flaw with Intel processors launched in the last decade. The harsh part is that patching the issue might slow down the performance of the CPU by up to 30 percent. Intel hasn't put out an official statement yet, but Linux Kernel patches are being pushed out to all users.
However, the comments in the source code have been redacted to make it harder to figure out what is happening exactly. Microsoft, meanwhile, is also preparing to release its patches for Windows via an upcoming Patch Tuesday release, which is scheduled to arrive early next week.
The exact details of the issue are currently unavailable but according to the report published by the Register, the flaw will allow malicious programs to read critical and secure information like login keys, passwords, cached files and among other things. The problem that lies here is that this is an Intel x86-64 hardware issue, which can’t be fixed with a microcode from Intel. Instead, an OS-level fix is required to overcome the issue on all operating systems – Linux, MacOS and Windows.
The issue is currently affecting Intel-powered computers only and not AMD powered systems, due to the different methodology in which Kernel data is being handled by the two.
While the severity of the issue and the level of vulnerability of a system is yet to be confirmed, there is no evidence whether or how the flaw can be exploited on personal PCs. The Linux patches also came into limelight when a software developer blogging as Python Sweetness, dedicated a whole post going into the nitty-gritty of the matter. According to his blog post “There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine”. The Register reports that Microsoft Azure cloud service will undergo maintenance on January 10, which could be to fix this issue.
Additionally, initial synthetic benchmarks done by Phoronix suggest that there is a drop in performance on Linux (Ubuntu). There is a performance degradation of 17-18 percent overall, but there is no discernible change in gaming performance. The bad part is, even though AMD processors do not have the flaw, the new patch is also treating them as insecure, which may lower the performance figures on AMD processors as well.