A critical flaw found in all modern Intel processors has dominated the tech world today, with multiple tech giants rushing to fix the vulnerability which could allow an attacker to gain access to protected kernel memory. The vulnerability is so severe that the only fix is an OS-level overwrite of the kernel, leading Intel to work with several software vendors to fix the issue.
Among the affected OSes, Linux and macOS have already received patches to fix the problem last month. While Microsoft was previously expected to release a fix on the upcoming Patch Tuesday, the company will roll out an emergency fix later in the day.
Windows Insiders on the Fast ring for Windows 10 have already received the patch in the last two months of 2017, while other Windows 10 users will automatically download the fix via Windows Update. Users of Windows 7 and 8 will also have the patch made available on Microsoft's website but won't receive it directly via Windows Update until next Tuesday.
In a statement, Microsoft said the following:
"We're aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers."
Google has released a report today that provides further details on the workings of the security exploit. Intel's CEO has confirmed the issue was first discovered by Google's Project Zero team.
Performance on older processors is likely to be impacted significantly as a result of the patch. Intel's CEO today argued that the impact on performance will be 'workload-dependent' and that average users shouldn't notice too much of a difference. Future updates will also ameliorate the hit on performance.
Source: The Verge