Fix for Intel Chip Flaw Comes with a Cost: Much Slower Performance

Programmers at Intel, Microsoft, and other organizations are working to patch a serious security flaw in Intel processors that could leave protected data on PCs and servers vulnerable to hacks and malicious software.

The flaw, which appears to affect all Intel chips made over the past 10 years or so, opens up the potential for bad actors to exploit the kernels at the heart of Linux- and Windows-based operating systems. Details about how such exploits might work have been kept largely under wraps until patches can be developed and applied. And Intel has yet to comment publicly on the processor vulnerability.

Some Linux patches have already been released, and Microsoft could make a fix available during next week's Patch Tuesday. However, those solutions could significantly slow device speeds -- anywhere between 5 percent and 30 percent, according to recent reports. That could affect not only business and consumer PCs but servers run by cloud services giants, such as Amazon, Google, and Microsoft.

Flaw Details under Embargo

While news about the Intel chip flaw and its possible fixes have been circulating in the developer and programmer world for a few months, the problem has just recently come to light for mainstream computer users. The Register noted yesterday that details about the bug are currently embargoed pending the release of effective patches.

The vulnerability "allows normal user programs -- from database applications to JavaScript in web browsers -- to discern to some extent the layout or contents of protected kernel memory areas," The Register reported. "The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI."

The problem with such KPTI fixes is that they require systems to switch from one address space for process virtual memory to a separate address for kernel memory...

Comments are closed.