The flaw, which can be exploited in a pair of attacks dubbed Meltdown and Spectre, could allow hackers to access photos, passwords, and other sensitive information from just about any PC or server. After the patches have been issued for the more recent chips, the processor giant said it will then focus on fixing the older chips. While not as bad as Intel's case, AMD is also trying to make sure that its own systems are secure. Even still, the company is facing at least three class-action lawsuits. The company also said that it has not received any information that Meltdown and Spectre have been used to obtain customer data in the real world.
The new year got off to a rough start when several research teams disclosed critical vulnerabilities in a wide array of modern microprocessors.
Microsoft has temporarily stopped fixing a serious security flaw on personal computers powered by certain chips from Advanced Micro Devices because the repair is crippling the affected machines. However, the company and other vendors are concerned about the potential impact of exploits based around Spectre variant 2 and are preparing firmware updates accordingly.
This is of much greater consequence in these days of cloud computing where hardware is shared by numerous individuals and businesses.
"Security is job number one for Intel and our industry". Some users with Windows 10, but with an older chip from the Intel generation like Haswell or older, may notice a slowdown. However, most users with Windows 10 will hardly notice the performance difference on their PC after the security update, they say.
Spiceworks experts explained that businesses are fully aware of the risks but they either have no alternatives or no money for a software upgrade on their machines. The team suggests that users upgrade to Firefox 57.0.4 which shipped recently. If the prediction was wrong, this speculative execution is rolled back in a way that is intended to be invisible to software.
Microsoft said it would publish more benchmarks in the coming weeks.