Intel shares dipped after the company, whose processors power the majority of the world's computers, revealed another potential security flaw that could allow illicit access to data.
Intel has confirmed a new vulnerability in its processor chips, the third major flaw to be confirmed this year. Nicknamed Foreshadow, the flaw is said to be similar to the Meltdown and Spectre vulnerabilities uncovered in January that affected millions of computers and could be used to access personal information.
Intel confirmed it had already released a patch to fix the issue. Foreshadow is said to affect processors from 2015 onwards, and Intel has posted a list of affected hardware on its website.
The world’s second-largest chipmaker earlier this year released microcode and made available software on Tuesday that will protect potentially vulnerable machines, the company said in a statement.
Users of its products should update their systems to keep them safe, Intel said.
A limited number of server computers would be at risk to an exploit that would be extremely difficult to implement, Intel said.
“We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices,” the company said.
Vulnerability.
Intel shares fell 1.7 per cent by noon in US trading on reports of the vulnerability.
The Santa Clara, California-based chipmaker was criticised earlier this year for being slow to acknowledge and mitigate similar vulnerabilities to hardware previously thought to be secure in two exploits knows as Spectre and Meltdown.
The exploits countered years of industry assertions that data secured by hardware is much safer than that protected by software.
The new vulnerability was discovered and reported by a group of researchers led by a team from KU Leuven University in Belgium. Similarly to the Spectre and Meltdown flaws reported in January, the researchers said Foreshadow exploits a function called speculative execution – which is normally used to optimise computer performance – to access sensitive information on a system’s memory that would normally be out of reach, including passwords and other data.
Intel has said that, as well as issuing patches, it is changing the hardware design of its processors to prevent any vulnerability to the existing flaws. – Bloomberg/PA