Intel experienced some serious setbacks late last year when Google Project Zero revealed some major flaws with its chip designs, but now, the chip maker is getting back on track. The flaws were named Meltdown and Spectre and affected not only PC chips but also processors used in mobile devices and even servers. The first phase in dealing with Meltdown and Spectre was to patch vulnerabilities as best as possible through software updates, but now Intel has designed a permanent fix for its upcoming chips.
All current Intel products have now been patched
Intel CEO Brian Krzanich announced the chip redesigns today in a post on the company’s website. He reiterated the chip maker’s commitment to protecting the security of its customers. He also revealed that 100% of the products Intel has released over the last five years have now received “microcode updates” to patch the Meltdown and Spectre vulnerabilities.
Customers using devices with Intel chips inside them are advised to make sure that they’ve downloaded all the updates that have been made available for their devices. Krzanich stressed the importance of keeping devices up to date at all times, as new security threats are constantly emerging.
He added that “Variant 1” of the vulnerabilities uncovered by Google Project Zero, which is the one known as Meltdown, will continue being addressed at the software level. However, they have now redesigned their processors to fix “Variants 2 and 3” of the Spectre vulnerabilities revealed last year.
Unfortunately, some of the patches that were rolled out to address these vulnerabilities caused some devices to crash, and they slowed down the performance of many devices. According to The Verge, Intel is now facing more than 30 lawsuits stemming from Meltdown and Spectre, although it certainly isn’t the only chip maker whose processors have these vulnerabilities.
Intel reveals hardware fixes for Spectre
Spectre was widely seen as the more concerning vulnerability of the two because it created a hole briefly that enabled one bit of software to see a password that was entered into another piece of software. CNET explains that Spectre was especially a concern for public cloud operators such as Amazon, Google and Microsoft because servers usually run jobs for multiple customers at the same time, potentially providing a hole that could allow hackers to jump from one customer’s data to another.
In order to fix Spectre at the chip level, Intel is employing a new type of partitioning that keeps applications from snooping on what other applications are doing.
“Think of this partitioning as additional ‘protective walls’ between applications and user privilege levels to create an obstacle for bad actors,” he explained.
The Intel executive announced that the next-generation Xeon Scalable processors code-named Cascade Lake and the eighth-generation Core processors will be the first to feature the new design. Intel’s Cascade Lake processors are targeted at the server market, so they will offer increased protection for all the data that’s stored in the public cloud and also on enterprise servers.
The redesigned chips will be launched sometime in the second half of this year.