Intel CEO Brian Krzanich has promised that by the end of January the recently produced processors will be updated to address the serious security issues that emerged last week, due to the very way they were designed and which can only be fixed. through software updates. The announcement was made yesterday by Krzanich during Intel's presentation at CES 2018, the large technology fair that is organized every year in Las Vegas (Nevada, United States), to present the latest industry news.
The two security problems, called “Meltdown” and “Specter”, affect a large part of the processors produced in the last 20 years and in some circumstances make it possible to steal data on computers, smartphones and other devices by malicious users (here we had explained more fully what it is). According to many experts, it is the most relevant cybersecurity problem of recent years and will take a long time to completely resolve.
Krzanich said about 90 percent of the processors Intel has released in the past 5 years are expected to have updates that will fix the problem by the end of this week, while the remaining 10 percent will have to wait until the end. of January. Krzanich was instead very generic on what effects these updates will have on the speed of the processors, repeating what Intel had already said last week in a statement: “the impact on performance depends a lot on the type of load the processors are subjected to.” Translated, it means that in some circumstances the processors could become slower, as had been reported by many experts who had estimated a slowdown between 5 and 30 percent depending on the case.
Computers, smartphones and other electronic devices work thanks to a processor, a component that manages commands and coordinates resources. The greater its computing capacity, the greater the amount of operations it can perform in a certain period of time: the speed of the devices we use depends on many things, but one of the most important is precisely this computing power. Part of the processor's power is given by the ability to manage its own internal memory, very fast, on which the processes that make the operating system and other programs work are processed. The two flaws are due to the way in which the architectures of the processors are made (i.e. how they are designed) therefore, not being able to physically intervene on them, the only solution is through software changes which can however lead to slowdowns.
Intel has received a lot of criticism for how it handled the problem, but Krzanich nevertheless pointed out that so far there have been no reports of cases in which “Specter” and “Meltdown” have been used to steal data from users. The CEO thanked all the companies that are working to curb the problem and used more relaxed tones than Intel's releases last week. For example, the company had explained that the security problems also affected the processors of other companies, and it is true, but Intel is the largest manufacturer of these components in the world and has a large part of the responsibility.
In recent days, major operating system manufacturers have published updates and instructions to reduce the risks associated with the two security problems in processors. Apple has recently released three new security updates for iOS, macOS and its Safari browser, with the aim of preventing an attacker from using “Specter” to steal data while browsing online. Previously, Apple had released updates against “Meltdown”. The company also recommends downloading programs for Macs only from its App Store, where more thorough security checks are performed on applications available for download and sale.
Microsoft has also been quite timely in rolling out updates for Windows, as early as last week. In the last few hours, however, it has had to suspend the dissemination of an update for computers that use AMD processors, therefore of a brand other than Intel, after several reports of users who have not been able to start their computers at the end of the installation of the update. Microsoft blamed AMD, saying it did not receive accurate documentation on some models of its processors.
“Meltdown” can be solved more easily by updating the operating systems and is therefore the problem that has been solved more quickly. On the other hand, “Specter” is more problematic and affects a wider range of processors than Intel's. It is still unclear whether by the end of the month, as Krzanich promised, the problem will be solved easily. Intel has also promised quick fixes for processors produced in the last 5 years or so, but the problem also affects much older versions dating back to the mid-1990s. The security problem will therefore remain quite extensive and, as the authors of the discovery wrote, “it will haunt us for some time”.
