The Register reports that a flaw in the design of Intel processors has programmers "scrambling" to redesign Linux and Windows kernels to shut down a potential attack vector that could potentially allow hackers to access passwords, files cached on a disk, and more. What's more, the fixes being worked on could reportedly slow down PCs by anywhere from five to 30 percent.
The bug itself is still under embargo, with specifics set to be released later this month, according to the report. However, some details of the flaw are available. From The Register:
It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.
The fix that is in the works involves separating the kernel's memory from user processes as part of what's called Kernel Page Table Isolation (KPTI). The issue with this approach is that it could reportedly result in the aforementioned performance slowdowns after the kernel has been patched.
It's important to note that AMD says its processors are not impacted by this bug.
AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.
Since the flaw is present across Intel processors going back years, it impacts Linux, Windows, and macOS. For Windows users in particular, however, The Register reports that Microsoft shipped fixes with Windows Insider builds on the Fast ring in November and December, and the company is set to potentially roll out the fix to everyone in an upcoming Patch Tuesday update. While the details of the flaw aren't yet publicly available, we should learn much more once a fix is available.
Updated 4:22 PM ET: Intel has now responded to the issue, stating that the issue is not exclusive to Intel products, and that it is working with other companies across the industry, including AMD and ARM, to address the problem. Further, Intel says that it was planning to disclose the issue next week when "more software and firmware updates will be available." AMD has also confirmed that its chips are affected in some capacity, but claims that there is "near zero risk to AMD processors at this time."
Updated 7:30 PM ET: Researchers have now disclosed two new exploits that impact virtually all modern processors from ARM, Intel, and AMD. Microsoft has also issued an emergency patch for Windows users.
Update 6: Microsoft wants all of TikTok, but Trump's order may interfere
The Financial Times reports that as part of negotiations, Microsoft is now inquiring whether it can buy all of TikTok, instead of just the business in the US., Canada, Australia, and New Zealand. This new plan would include India and Europe (and excluding China).
Surface Duo and double Dans take over this week's Android Central podcast
Need even more Surface Duo in your life? Check out the latest Android Central podcast, in which Daniel Rubino and Daniel Bader (double the Dans!) discuss Surface Duo, Microsoft's Samsung love affair, and Project xCloud.
This is the best Windows 10 tablet you can buy right now
There are many Windows 10 tablets on the market, but it's hard to sort through the rubbish. Here's our picks for the best Windows 10 tablets you can buy right now. At the top of our list is the Surface Pro X, which we think is the best due to its ARM processor, large display, and thin form factor while still packing good battery life and excellent performance.
Use these motherboards with Intel's Core i5-10600K
Picking the best motherboard for the Intel Core i5-10600K processor is a relatively straightforward task as the best motherboard is one that ticks all your requirement boxes. We've rounded up a few recommendations to point you in the right direction.