Linux and Windows kernels to be redesigned because of Intel chip design flaw, but fix will likely slow PCs down
Intel chips reportedly have a serious security flaw that affects millions of central processing units (CPUs) made over the last ten years.
The news will present a major headache for IT management, as the design flaw essentially allows commonly used programs to read the contents and layout of a computer’s protected kernel memory area, according to the Register.
And it seems that fixes for both the Linux and Windows kernals are being developed, but the fix for the design flaw is likely to have an impact on the performance of the computer.
The design flaw only affects Intel-based computers, and AMD machines are not apparently affected by the issue.
Exact details of the vulnerability are being carefully controlled to prevent it being exploited, and Intel is not making any public comments at the moment.
But the design flaw in Intel chips could allow attackers to bypass kernel access protections. This could for example allow all types of programs and apps to read the contents of kernel memory.
Kernels in operating systems have complete control over the system, and connect applications to the processor, memory, and other computer components. Having unauthorised access to this could compromise the computer itself (and its contents i.e. passwords etc), or indeed the entire network.
At the moment, the Register reports that fixes are being developed by both the Linux community, and Microsoft. The flaw also Apple users running MacOS, and Apple will also need to provide a fix.
It seems that the fix is to separate the kernel’s memory completely from user processes, using what is called ‘Kernel Page Table Isolation’ (KPTI). Linux programmers for example are reportedly in the process of separating the kernel’s memory away from user processes.
Microsoft meanwhile is expected to publicly introduce the necessary changes to its Windows operating system, perhaps in an upcoming Patch Tuesday security update.
It is reported that Microsoft has already pushed the fix out (in November and December) to its beta testers running Windows Insider builds.
And the bad news is that the medicine is going to taste bitter, in that the cure will more than likely down slow the performance of the affected computer.
It is not clear at this stage what the level of performance impact will be on individual laptops or desktops (best case is a 17 percent slowdown, worst case is 23 percent slowdown).
But data centres running Intel-based servers – where performance is a key metric – could feel the impact of this problem much more
And this is not the first time that a design flaw has been uncovered in Intel chips.
Last year Intel had to patch a remote execution flaw in the chipset firmware behind millions of its workstation and server chips that remained under the radar for nine years.
That vulnerability, which had been present since 2008, could have allowed hackers to gain system privileges in vulnerable computer hardware rather than need to go through the operating system, thus avoiding detection.
Quiz: What do you know about Intel?