Intel has screwed up real big this time. A major chip-level bug that can adversely impact data security has been discovered in Intel CPUs. The real bad news is that the bug is supposedly present on all modern processors manufactured in the last ten years and cannot be addressed with a microcode update from Intel. The bug requires an OS-level update, which means all systems running Windows, Linux or Mac are going to be affected. There's some good news for AMD users though, as the bug is not present on processors designed by AMD.
The bug has forced major operating system developers to get into action and release security updates as early as possible. Linux has already released updates for closing the security hole in the chips. Microsoft is said to be working on the patch which it will release next Tuesday.
The bug present in the CPUs allows unauthorized access to kernel memory. The fix is to implement Kernel Page Table Isolation (PTI), which moves the entire kernel into a different address space, making it invisible to running processes. Experts believe that PTI is not required in normal scenarios, but Intel's hardware flaw allows circumvention of the protection mechanisms for kernel access, thereby making it necessary. The fix will have a major impact on system performance, as the processor will need to switch between two different address spaces on each system call, making it a very time-consuming process.
It is believed that system performance will be severely affected, with some reports suggesting a drop of up to 30 percent. The latest Intel processors with PCID (Process-Context Identifiers) enabled may, however, be somewhat less affected. If a better workaround is not found by Intel, the bug may cause huge financial losses to big organizations and data centers. Linux enthusiasts have even started reporting performance drops of 17-18% in benchmark results after applying patches. The picture below clearly shows the performance loss in Linux systems.
Benchmark results before and after applying patches (Credits: Phoronix)
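To see where a given Linux machine stands, the CPU vendor, the PTI state and PCID support can all be read from /proc/cpuinfo. The script below is an added example, not code from the original article or its sources; it assumes a kernel that exposes the `pti` and `pcid` CPU flags, and the sample excerpts and result labels are constructed for illustration.

```python
from pathlib import Path

# Constructed /proc/cpuinfo excerpts (not captured from real machines).
INTEL_PATCHED = "vendor_id\t: GenuineIntel\nflags\t\t: fpu pcid sse4_2 pti\nbugs\t\t: cpu_meltdown\n"
INTEL_PATCHED_NO_PCID = "vendor_id\t: GenuineIntel\nflags\t\t: fpu sse4_2 pti\n"
INTEL_UNPATCHED = "vendor_id\t: GenuineIntel\nflags\t\t: fpu pcid sse4_2\n"
AMD = "vendor_id\t: AuthenticAMD\nflags\t\t: fpu sse4_2\n"


def parse_cpuinfo(text):
    """Return vendor plus flag/bug sets for the first logical CPU."""
    info = {"vendor_id": "", "flags": set(), "bugs": set()}
    for line in text.splitlines():
        if not line.strip():
            if info["vendor_id"]:
                break  # a blank line ends the first processor block
            continue
        key, _, value = line.partition(":")
        key = key.strip()
        if key == "vendor_id":
            info["vendor_id"] = value.strip()
        elif key in ("flags", "bugs"):
            info[key] = set(value.split())
    return info


def assess(text):
    """Classify a host by PTI state (labels are this example's own)."""
    cpu = parse_cpuinfo(text)
    if "pti" in cpu["flags"]:
        # PTI is active; PCID is what the article says softens the cost.
        return "pti-on-pcid" if "pcid" in cpu["flags"] else "pti-on-no-pcid"
    if cpu["vendor_id"] == "AuthenticAMD":
        return "amd-no-pti"  # per AMD's statement, PTI is not needed
    return "pti-off"  # no isolation active: check for a patched kernel


if __name__ == "__main__":
    path = Path("/proc/cpuinfo")
    text = path.read_text() if path.exists() else INTEL_PATCHED
    print(assess(text))
```

A result of `pti-on-no-pcid` marks the hosts where the heavier end of the reported slowdown is most likely, so those are the ones to benchmark before and after patching.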
AMD has, however, ruled out the presence of any such bug in its processors. AMD stated that its microarchitecture does not allow memory or speculative references that access higher-privileged data while running in a lesser-privileged mode. If such an access is requested, a page fault occurs. To wrap it up, Intel has certainly made a very large mistake, one that is sure to hit the brand's image as a reliable chip maker.
Source: The Register | HotHardware