Microsoft released an Intel chip patch

This article is in the series: Overview of vulnerabilities on Intel, AMD, ARM chips: Meltdown and Specter. Please read all the articles in the series to get information as well as take steps to protect your device against these two serious security holes.

According to sources from The Verge, Microsoft will automatically update Windows 10 from 5PM ET / 2PM PT today. The old OS versions were patched, but were not updated automatically, but through the next Windows Update.

MIcrosoft releases patches very quickly but depends on firmware updates from Intel, AMD and other vendors. Antivirus software also needs to be updated to respond to changes in kernel access rights.

Serious security vulnerability on Intel chips

Updating the firmware and the software will cause the device to run slower.The Verge said that Intel processors from Skylake and above will not be much slow, but older versions will be significantly affected.

Microsoft and Linux protect by separating the kernel memory from the processing process, called the Kernel Page Table Isolation. Linux was patched more than 1 month ago. According to Intel CEO Brian Krzanich, they were 'informed by Google about this error a few months ago'. This incident caused Intel's stock price to drop by 3%.

CEO of Intel, Brian Krzanich

Details of the severity and coverage of this vulnerability have been somewhat clear. According to ZDNet and New York Times, these two vulnerabilities, Meltdown and Specter , affect nearly every device that has been launched in the past 20 years. The vulnerability takes up the memory of the processor and exploits the way the processor runs in parallel. As a result, 'an attacker can steal data on the system'.

Although AMD denies its chips are affected, Google researchers say they have successfully described attacks on AMD's FX and PRO CPUs. ARM confirmed the Cortex-A processor is also affected. Google Project Zero also provides more details about this error, saying it affects both Android and ChromeOS, but 'exploiting on most Android devices is difficult and limited'.https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html

The upcoming Chrome version (January 23) will also minimize the impact from this error and enable Site Isolation. Maybe macOS will also be partially patched in version 10.13.2. Apple has no comment yet.

Researchers also created a website that provides detailed information about Meltdown and Specter as FAQs.https://meltdownattack.com/

See more:

1. Why Intel killed the BIOS, switched to UEFI?
2. Intel shook hands with AMD to release the 8th generation chip competing with Nvidia