Factbox: What you need to do about newly discovered computer chip flaws

Compartir

Meltdown affects computers that use Intel chips, while Spectre affects computers and smartphones built on Advanced Micro Devices (AMD) and ARM processors.

Google and other security researchers this week disclosed two major chip flaws - one called Meltdown affecting only Intel Corp chips and one called Spectre affecting nearly all computer chips made in the last decade. "This might include your passwords stored in a password manager or browser, your personal photos, e-mails, instant messages and even business-critical documents".

Spectre is less dangerous than Meltdown, but will be more difficult to patch.

Intel and other computer firms are in a race against time to patch up a fundamental design flaw in Intel chips before hackers can take advantage. Side channel analysis exploit gives cyber attackers the ability to observe the content of privileged memory, which exploits a speculative execution to go around different privilege levels, Intel explained.

Find the detailed information on these massive flaws and individual draft papers on this page. For now, the Pixel and Nexus users are only protected.

Unfortunately, the Microsoft fix may result in some performance dips.

Rajpreet Kaur, Senior Research Analyst, Gartner, explains, "The bug related to data leakage from privileged memory will require Intel to fix it by making changes to their chips".

An Intel spokesperson said the stock trade was "unrelated" despite Intel knowing about the issue for five months.

Intel also acknowledged that the patch will slow down its chips in some instances, but the slowdown will be workload-dependent. The researchers have tested Meltdown on Intel CPUs released as early as 2011. Intel said it continues to work with its partners and others to address these issues, and appreciates their support and assistance.

Intel has been approached for comment on whether New Zealand computer users could be entitled to compensation.

The United States Computer Emergency Response Team, a government body, has issued an advisory confirming processors' performance could be diminished "by up to 30 per cent".

In a separate press release, Intel revealed that "extensive testing" has revealed that the likes of Apple, Amazon, Google and Microsoft have seen "little to no performance impact" after installing the latest updates. AMD has resolved a variant of Spectre via software and operating system updates, while another variant has "a near zero risk of exploitation" on its processors.

Intel says that it already has patches in place for "the majority of processor products introduced within the past five years". The company already faces multiple lawsuits, including one filed Thursday by Portland lawyer Michael Fuller. In that instance, some 143 million people found that their names, social security numbers, addresses and drivers license had been exposed to hackers.

Compartir