Potentially Every Processor Sold In The Last 10 Years Could Have A Critical Security Vulnerability That Puts Users At Severe Risk.
It’s often these days that poor IT security comes down to something like human error, and lack of awareness on the users’ part. It’s less often that there’s a widespread design flaw discovered in the technology itself, which is exactly what happened this week.
The Register published an article this week detailing how potentially every modern processor sold by Intel, Apple, AMD and ARM over the course of the last decade is affected by a design flaw that would allow malicious programs to access and read what should otherwise be protected areas of a device’s kernel memory. Kernel memory is dedicated to essential core components of an operating system and how they interact with the hardware. This puts every Smartphone, PC, Mac, and Server at risk.
Even worse, a foundational flaw like this can’t be patched with a simple, everyday update – the problem is in the hardware, which means it needs an OS-level overwrite for every single operating system (Windows, Linux, and macOS).
In a statement released January 3rd, Intel claimed that this flaw isn’t necessarily unique to their processers.
“Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.”
According to Intel CEO Brian Krzanich, Intel was informed about the security flaw by Google a few months ago. Although the extent of this flaw isn’t fully known to the public right now, it appears that developers are working hard to patch systems over the course of the next few weeks.
That said, the patching process won’t be easy, given that it will involve severing kernel memory from user processes. In a nutshell, that means users will face major performance lags, anywhere from 5 – 30%, depending on the specifics of the device.
The fix works by moving the kernel to a totally separate address space, making it nonexistent — and therefore, inaccessible — to a running process. Unfortunately, this separation process takes a lot of time to perform, as it forces the processor to dump cached data and reload from memory every time it switches between two separate addresses. The end result is an increase in the kernel’s overhead and a slower computer.
While it may not be noticeable for the average user on their home PC, this kind of lag will likely affect businesses using enterprise-grade local and cloud configurations the most. Apex is monitoring developments with these vulnerabilities and preparing to apply patches to all Managed Service clients as they become available.
As always, the best way to stay aware of threats like this, as well as protect against them, is to work with an expert partner. Our team of cybersecurity professionals will help you stay ahead of exposed vulnerabilities like these so that you can remain safe and focus on the work your business does.
If you have questions about this processor flaw or would like to learn more about what you can do to lessen the impact this may have your business, contact Apex Technology Management at (800) 310-2739 or firstname.lastname@example.org today.