Intel hit with three class-action lawsuits over chip flaws

Ajustar Comentario Impresión

He sold the one chunk of shares at the price of $44.05 while the other lump was traded at $44.55. That recommendation was later changed to "add updates", after the institute came under criticism that the full-scale CPU replacement was not a practical option.

But what are the threats?

Krzanich was appointed chief executive and elected a member of the board of directors on 16 May 2013.

Following the revelation that serious security flaws have been discovered in processors designed by Intel, AMD, and ARM, Apple has confirmed that all of its iPhones, iPads, and Macs are affected.

The two security issues, dubbed 'Meltdown' and 'Spectre', affect nearly every modern computing device - including smartphones, tablets, and PCs. If you don't install the update or delay it in any way, your machine will remain vulnerable for longer.

Basically, the exploit involves reading memory locations that are supposed to be protected and reserved for use by the computer kernel.

"As complex as it is to exploit, it's complex to defend against", said Shipley.

Google and Amazon now say all of that gloom and doom is overstated. It has also published a technical paper outlining how the flaws can be mitigated.

CPU owners are left with the unappealing choice of either purchasing a new processor or computer containing a CPU that does not contain the Defect, or continuing to use a computer with massive security vulnerabilities or one with significant performance degradation.

He said it will take a few weeks, or even months, before hackers can create viruses and malware to take advantage of the flaws, but the delay emphasizes a double-edged sword.

The Graz University of Technology explains that Meltdown works by "melting" the isolation between the operating system and user applications.

It is not an easy thing to do, as some have suggested.

Meltdown allows full access to the protected memory space, so it's potentially more dangerous.

While Intel claims that the stock sale was part of a planned divestiture, Krzanich (below, right) put the plan in place only in October, the report said. "There may end up being cases that are workload or OS specific that experience more of a performance impact". It's about "bang for the buck" for the hacker. There is currently no known fix for the Spectre bug.

And that is what distinguishes them from previous security alerts that have tended to involve software rather than hardware. Let's hope Spectre proves to be more elusive when it comes to real-world attacks.

But, as we previously reported, vulnerable chips may eventually have to be physically replaced en masse.

However, one of the information security teams that discovered the flaws noted that it was "probably not" possible to detect whether your device has been breached using the methods. Consumers can mitigate the underlying vulnerability by making sure they patch up their operating systems with the latest software upgrades. It's something like a salesperson who sees a man pick out a pair of slacks in a store and so grabs a belt and a jacket that match because they might be what he looks for next.