Unless you are running a computer system older than Noah, then it is highly likely that you could be affected by the recently identified flaw in CPU hardware produced by Intel.
The Register has reported on a recently discovered design flaw in the CPU hardware produced by the major chip manufacturer Intel which could allow malicious access to areas of computer memory that shouldn’t be accessed. Ooopsy!
The precise details of the vulnerability have not been shouted out and an embargo is in place at present restricting the formal reporting of the security flaw details, and quite rightly so.
The real fear with the flaw, known as, amongst other names, KPTI (Kernel Page Table Isolation) and F*CKWIT (Forcefully Unmap Complete Kernel With Interrupt Trampolines) is that passwords, credit card data and even private key data could be compromised on unpatched systems.
This all sounds very geeky and nerdy, so who does this actually affect you may ask, well… Pretty much any computer system, home or business, that contains an Intel CPU manufactured over the past decade. CPUs produced since the flaw was first discovered should be OK. Linux, Apple and Microsoft devices are all affected and these organisations are beavering away as we speak on updates to resolve the security issues presented by this flaw as the fix needs to come in at the Operating System level, (Windows, Mac OS, Linux Distro) as it can’t be resolved at the CPU level by Intel.
Microsoft are expected to have an update available by the next Patch Tuesday (9th Jan 2018). Linux have already started to roll out fixes but as for Apple, it is very much unclear at the time of writing what they are doing to address the flaw. (Maybe the Apple marketing machine is working on it. **Joking! so don’t start flaming**).
No matter what the fix is and how it comes, it is believed to be extremly likely that a noticeable performance hit will become apparent. This has been gauged to be somewhere between 5% and 30% system slowdown dependant on who you listen to. Whatever level the effect is, just by the very logic of the required fix it will be noticable.
So what can you do about this?…
BMGUK Consultancy Ltd can assist you with this and any of your IT consultancy needs so please do get in touch if you need advice on this or any of your IT and Data Protection needs.
The UK’s National Cyber Security Centre (NCSC) said:
“We are aware of reports about a potential flaw affecting some computer processors. At this stage there is no evidence of any malicious exploitation and patches are being produced for the major platforms,”
The NCSC also advises that:
“All organisations and home users continue to protect their systems from threats by installing patches as soon as they become available.”
It has been noted that rival manufacturer AMD CPUs are not affected by this flaw which would answer why AMD share price has risen significantly since the announcment of this flaw in Intel CPUs, (so, cynically speaking, at least someone wins).