NEWS  Security  November 17, 2023  Reading time: ~1 minute)

Max (RS editor)

In a recent disclosure, concerns were raised over a potentially severe bug in certain Intel processors. The bug, if left unaddressed, could pose a serious threat, allowing attackers to test for patterns within seemingly random outputs, possibly leading to system disruptions.

Mr. Perin, shedding light on the issue, emphasized the importance of prioritizing the implementation of patches by security teams. He noted that the bug's potential to cause system crashes warrants swift action to eliminate the risk of failure.

Highlighting the commonality of such discoveries, Mr. Perin mentioned that vulnerabilities are frequently unearthed by researchers, often in pursuit of bounties. Responsible disclosure practices, like those practiced by Google, play a crucial role in benefiting users by ensuring timely and secure fixes.

Intel has officially acknowledged the problem, attributing it to an error in the CPU's handling of redundant prefixes. The company promptly released a patch, assigning the vulnerability a high-security score of 8.8 according to the Common Vulnerability Scoring System (CVSS).

The impact of this CPU vulnerability spans across various Intel processors, affecting desktops, mobile devices, servers, and CPUs used in cloud computing environments. Intel, in response, is actively working on a comprehensive, long-term solution. However, in the interim, users are strongly advised to apply the provided patch immediately to mitigate potential risks associated with the vulnerability.

(Cover image By WangXiNa on Freepik)