Safety and Security

Intel Finds Three More Flaws In Microprocessors


Semiconductor company Intel disclosed Tuesday (August 14) that it found three more potential flaws in its microprocessors that could enable hackers to get access to data residing in the computer memory.

In a blog post, Intel said the flaw is found in its Core and Xeon processors.

“We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices. This includes keeping systems up-to-date and taking steps to prevent malware,” wrote Intel in the post.

The chip company said the three flaws are similar to previously reported variants, with these particular methods targeting access to the L1 data cache, which it said is a small pool of memory within each processor core designed to store information about what the processor core is most likely to do next. Intel said microcode updates were released earlier this year to provide a way for the system software to be cleared of the shared cache.

“Once systems are updated, we expect the risk to consumer and enterprise users running non-virtualized operating systems will be low. This includes most of the data center installed base and the vast majority of PC clients. In these cases, we haven’t seen any meaningful performance impact from the above mitigations based on the benchmarks we’ve run on our test systems,” Intel said.

Late last year the technology firm admitted there were many — and serious — flaws in the software hidden in almost every PC chip it sold in recent years. The holes came care of a feature called the “management engine” that has been a part and parcel of Intel CPU for some time — up to and including its new 8th generation Core Processor series.

The goods news? Intel said it has developed software patches to eliminate the problems. The less than good news — it seems that only two manufacturers (Dell and Lenovo) are listed by Intel as having created a way for customers to actually put the patch in place across their devices.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.