updating: The patch that fixes security vulnerabilities for Windows 10 is available for manual download for all consumers - you can do this through This link.
The original article: Will consumers need to choose between a slowdown in performance and adequate security that allows them to sleep at night? Is this a gap in my work? Intel Only or all processor keys? It depends who you ask
Reported on the British site The Register He declared (Based on information received From a relatively anonymous Tumblr blog) On a fundamental flaw in the design of the modern labs of the company Intel Which causes their core memory to 'leak' out, as fixing the problem will lead to a drop in overall performance - and has created a massive snowball across the entire network, which continues to roll and evolve with each passing hour, it seems. Is there a cause for panic? Not for everyone and not in every situation, it seems.
Information that should be secure can be accessed through applications with basic privileges
However, it seems that this is a very specific order of operations that might allow simple applications with basic operating system access to access the kernel of the processor and view information that should be particularly secure And is available only for applications at the maximum access level. Designated malware can exploit this principle to gain access to user passwords, access data, and payment information without being aware that something is wrong.
It is worth noting that defects in the firmware of hardware products are not particularly rare. The major difference this time is the claim that a firmware update to the processors themselves can not solve the problem, and it needs to be addressed at the level of the various operating systems based on Processors In the architecture of thex86Common 64 - which in turn can lead to tens of percent damage to system performance (with greater damage to relatively older models). Definitely not something that will please the various consumers who paid hundreds or thousands of shekels for a certain level of capabilities when they purchased their computer system.
A headache for Intel only,AMD And ARM?
The wave of rumors generated by the original report led to a lot of confusion, fear and anger among users, and required Intel to provide Official response Even before the repairs were widely distributed to the various operating systems and the embargo was removed, information about the problem itself - in its official publication, the chipmaker stated that it is working hard with its partners to repair the defect, which it defines as not exclusive to its products. Modern processors, including those from home AMD And even those based on the E-ARM And not on x86-64, ostensibly.
The company promised to provide more detailed information about the breach as soon as it was opened and blocked through dedicated software updates, in order to reduce the potential risk to consumers - but clarified that this is not the ability to inject new information, change or delete it from the system kernel.
There is Signaling On the part of AMD Its products are not exposed to the loophole in question and the performance impairment that may result from its handling - while the company's factors ARM They keep silent, it seems, hoping that they will not be dragged into the whole mess.
Injury of up to 30 percent in performance?
10 has been distributed to consumers who are part of the XNUMX programWindows Insiders (but not the rest) in December, although the first to provide us with a performance comparison between the system at risk and the security system that received the required patch are actually the Linux experts of the Phoronix site,Core i7-8700K and the-Core i7-6800K and received results that could be a siren, at least to some consumers.
The performance of the compilers has not changed at all, and this gives hope that the performance of most of the features that characterize home users will not be affected while the server world, the information farm, and the HPC world will be Which are at an increased risk of significant damage to output. These are only preliminary conclusions that should be taken with limited discretion, but we are ready for any reason whatsoever to be encouraged.
At this point it seems that simple home users do not necessarily have anything to do regarding this whole saga. Updates to the various operating systems that will attempt to plug the loophole will be distributed as mandatory updates that will be challenging to evade, and all conduct will be behind the scenes and almost completely transparent. We certainly expect to hear more detail about the flaw and its significance, but for now it seems that all that can be done is to wait for further performance tests - and especially hope that the demon of performance impairment is not as terrible as claimed.