Intel Corp, the world’s No. 1 chipmaker has downplayed concerns that software updates to address security vulnerabilities in its computer chips will degrade performance of computers as businesses and consumers scrambled to figure out whether installing the patches would slow their machines.
These flaws are security laxes detected in nearly every computing device that make their data vulnerable to hacking. The glitch surfaced early this week when news broke that researchers were planning to release technical reports on the threats, sending businesses, governments and consumers scrambling to understand the extent of the threat and the cost of fixes. No clear consensus has emerged.
“Intel continues to believe that the performance impact of these updates is highly workload-dependent and, for the average computer user, should not be significant and will be mitigated over time,” the company said in a release.
The release cited comments from Amazon.com Inc., Apple Inc., Alphabet Inc’s Google and Microsoft Corp, which said that they had seen no significant impact to performance after installing the patches.
They were among a group of firms that quickly patched their technology to mitigate against the threat from one of those vulnerabilities, dubbed Meltdown, which only affects machines running Intel chips.
Major software makers have not issued patches to protect against the second vulnerability, Spectre, which affects nearly all computer chips made in the last decade. However, Google, Firefox and Microsoft have implemented measures in most web browsers to stop hackers from launching remote attacks using Spectre.
Governments and security experts say they have observed no cyber attacks seeking to exploit either vulnerability, though they expect hackers to attempt to do so after analysing technical data about the security flaws.
One key risk is that hackers will develop code that can infect the personal computers of users visiting malicious websites, said Chris Wysopal, chief technology officer of cyber security firm Veracode.
He advised PC owners to install the security patches to protect against such potential attacks. There is less risk to computer servers at large enterprises, he said, because those systems are not used to surf the web and can only be infected in a Meltdown attack if a hacker had already breached that network.
Microsoft has issued a patch for its Windows operating system, and Apple desktop users with the most recent operating system are protected. Google has said most of its Chromebook laptops are already protected and the rest will be soon.
“All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time,” Apple admitted in a blog post on the issue.
“These issues apply to all modern processors and affect nearly all computing devices and operating systems.”
Apple confirmed it plans to release a patch to its Safari web browser “in the coming days” to protect Mac and iOS users from Spectre. The tech giant said it had already released “mitigations” against Meltdown in its latest iPhones and iPad operating system update – iOS 11.2 and the macOS 10.13.2 for its MacBooks and iMacs.
The Apple Watch is not susceptible to the Meltdown bug, it said.
While third-party browsers from Google and others can protect Mac users from Spectre, all major web browsers for Apple’s iOS devices depend on receiving a patch from Apple. That means hundreds of millions of iPhone and iPad users will be exposed to potential Spectre attacks while browsing the Web until Apple issues its patch.
ANALYSIS: Apple no longer bullet-proof
Apple recently came under fire for iPhone software changes that slowed down the performance of some older models. It was forced to apologise for a software tweak to balance out the effect of aging batteries. The company has since reduced the cost of replacing the power units from £58 to £21 throughout 2018.
Admitting its roster of products from the iPhone, iMacs to iPads are vulnerable signals a chink in the armour of the tech giants. It remains to be seen if the latest revelation will affect sales of its immensely popular products, but it is nonetheless a wake-up call that no one is immune to the present realities of the modern world now dominated by technology from home to business applications. The inexorable march of the Internet of Things comes with its dangers.
- With additional reports from BBC and Reuters