“A major security flaw discovered in Intel chips requires a software fix that could negatively impact the performance of your Mac,” Killian Bell writes for Cult of Mac. “The ‘design blunder’ affects all Intel chips produced in the last 10 years, according to one report.’
“A serious security flaw in all Intel chips produced over the last 10 years allows desktop programs to read parts of the protected kernel memory, according to a report from The Register. This can include data like passwords, login keys, and other sensitive information,” Bell writes. “This is incredibly worrying for all users who choose Intel. It affects those running Windows, Linux, and macOS.”
“The only fix for this problem is to isolate the kernel memory from user processes. This requires a practice called Kernel Page Table Isolation, which could cause a performance hit. Windows and Linux machines could suffer a 5- to 30-percent slowdown,” Bell writes. “It is not yet clear what the impact might be under macOS.”
Read more in the full article here.
“Apple’s 64-bit macOS, will also need to be updated – the flaw is in the Intel x86-64 hardware, and it appears a microcode update can’t address it,” John Leyden and Chris Williams report for The Register. “It has to be fixed in software at the OS level, or go buy a new processor without the design blunder… Your Intel-powered machine will run slower as a result.”
“At best, the vulnerability could be leveraged by malware and hackers to more easily exploit other security bugs,” Leyden and Williams report. “At worst, the hole could be abused by programs and logged-in users to read the contents of the kernel’s memory.”
“In an email to the Linux kernel mailing list over Christmas, AMD said it is not affected. The wording of that message, though, rather gives the game away as to what the underlying cockup is: ‘AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault,'” Leyden and Williams report. “A key word here is ‘speculative.’ Modern processors, like Intel’s, perform speculative execution. In order to keep their internal pipelines primed with instructions to obey, the CPU cores try their best to guess what code is going to be run next, fetch it, and execute it. It appears, from what AMD software engineer Tom Lendacky was suggesting above, that Intel’s CPUs speculatively execute code potentially without performing security checks.”
Read more in the full article here.
MacDailyNews Take: Intel should pay dearly for this flaw.
