Science & Technology

Spectre Security Flaws Found In Intel AMD, ARM CPUs, Putting All Computers, Mobiles At Risk

| January 4 , 2018 , 13:48 IST

Security department of Intel disclosed a set of security flaws on Wednesday. They said that it could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel, Advanced Micro Devices, and ARM Holdings.

One of the bugs is specific to Intel but another affects laptops, desktop computers, smartphones, tablets and internet servers alike. Intel and ARM insisted that the issue was not a design flaw, but it will require users to download a patch and update their operating system to fix.

"Phones, PCs, everything is going to have some impact, but it'll vary from product to product," Intel CEO Brian Krzanich said in an interview with CNBC Wednesday afternoon.

ALSO READ: Intel Acquires AI start-Up Run By Indian-Origin Entrepreneur

Researchers with Alphabet's Google Project Zero, in conjunction with academic and industry researchers from several countries, discovered two flaws.

The first, called Meltdown, affects Intel chips and lets hackers bypass the hardware barrier between application run by users and the computer's memory, potential letting hackers read a computer's memory and steal passwords. The second, called Spectre, affects chips from Intel, AMD, and ARM which let hackers potentially trick otherwise error-free application into giving up secret information.

Daniel Gruss, one of the researchers at Graz University Of Technology who discovered Meltdown, called it "probably one of the worst CPU bugs ever found" in an interview with Reuters.

The flaws were first reported by tech publication the Register. It also reported that the updates to fix the problems could cause Intel chips to operate 5 percent to 30 percent more slowly.

"Intel has begun providing software and firmware updates to mitigate these exploits", Intel said in a statement. "Contrary to some reports, any performance impacts are workload-dependent, and for the average computer user, should not be significant and will be mitigated over time."

ARM Spokesman Phil Hughes said that patches had already been shared with the company's partners, which include many smartphone manufacturers.