British researchers have discovered a major design flaw in Intel chipsets released in the last 10 years and fixing it will require an update, which will affect the performance of PCs by up to 30%, reports tech portal The Register.
The report claims that the vulnerability only affects PCs running on Intel chipsets, while AMDs processors are not affected as they do not allow memory references, the process which is at the heart of the issue.
Intel has refuted the claim that the “flaw is unique to Intel products", and argued that the vulnerability does not have the potential to corrupt, modify or delete data on the kernel.
In an official blog post, Intel said they were aware of the issue and were going to disclose it next week with software and firmware updates to resolve it. “Intel is making this statement today because of the current inaccurate media reports," said the blog.
Kernel forms the core of the OS and connects the programs to the hardware of a PC. It translates all user requests for the processor, RAM and even peripherals. To process the requests faster, some part of the Kernel is kept in virtual memory address space of all programs in an invisible form. Due to the vulnerability in Intel chipsets, the Kernel is now visible to the processes.
This can be a serious security risk as it makes gathering sensitive data on the kernel easier for hackers in case of a malware attack. Researchers point out that the issue can only be resolved by separating kernel memory from user processes through Kernel Page Table Isolation. This basically removes the part of kernel from the memory of the program. This will increase the kernel’s processing time and in turn will affect the performance of the PC.
Intel assures that any impact on performance depends on the workload and will not be significant for an average user. However, it hasn’t denied the claim that resolving the issue will slow down the PC by 30%.
The issue is software agnostic which means all Linux, macOS , Windows-based PCs are likely to be affected.
Microsoft has reportedly released a security update to all supported versions of Windows, which includes Windows 7, 8 and 10. However, the issue needs to be addressed at the hardware level and will require a separate update from Intel.
The chipmaker has advised all PC users to apply new updates immediately and follow good security practices, until the company releases the update to resolve the issue.