The last few days rumours have circulated that two potentially catastrophic chip flaws, which allow hackers to steal private and sensitive data, may be present in more than 90% of the world’s computers.
The security experts who discovered the issue, which they say affects an entire generation of computers, mobile devices and cloud networks, released a proof of concept code to confirm their reported findings.
Developers signing non-disclosure agreements meant there had been no word on the validity of these claims from insiders who built the faulty systems. Until now.
Intel, the processor manufacturer implicated in the scandal, has released a public statement, saying: ”Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed.
“Intel believes these exploits do not have the potential to corrupt, modify or delete data.”
They also claimed they aren’t the only ones affected and denied that a fault in their systems was to blame.
“Recent reports that these exploits are caused by a ‘bug’ or a ‘flaw’ and are unique to Intel products are incorrect,” they stated.
“Based on the analysis to date, many types of computing devices – with many different vendors’ processors and operating systems – are susceptible to these exploits.”
Intel has said they are now working with other tech companies (including AMD and ARM) to “resolve this issue promptly and constructively” and has begun providing software updates to “mitigate these exploits”.
How does this affect my computer?
For the average computer user, Intel says: “Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available.
“Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.”
According to the investigators, the two vulnerabilities, dubbed Meltdown and Spectre, are present in all chips produced by Intel in the last 20 years, and are said to make the entire memory contents of computers accessible.
Security tools and protocols are intended to separate individual customers’ data, but the recently discovered chip flaws would allow hackers to circumvent these protections.
However, there is no evidence that any hackers have taken advantage of this – yet.
Meltdown is a particular problem for companies such as Amazon and Google with cloud hosting services.
But by Wednesday night Amazon and Microsoft said they had updated their systems to deal with the Meltdown flaw.
Microsoft customers need to install an update on their computer locally and Amazon customers need to update their cloud software.
Currently there is no fix for Spectre as it is much harder to fix, and the anonymous researchers said it could “haunt us” for quite some time to come.