SAN FRANCISCO, 15 May 2019:
Intel Corp and a group of security researchers yesterday said they had found a new set of security flaws in its processors that will be difficult to fix and are related to problems found last year.
Intel calls the newly discovered flaws “Microarchitectural Data Sampling,” or MDS for short. The vulnerability could let hackers read nearly all data flowing through one of Intel’s chips, though the company said the attack is difficult to carry out and that it has not seen it used outside of labs.
Intel chips released this year contain a fix for the bug. But previous generations of chips will need to be patched, and in some instances that fix could slow the performance of the chip by as much as 19%, Intel said in a post announcing the news.
Intel last year disclosed hackers could potentially read sensitive data on its processors, which power most data centres and personal computers, by exploiting a feature called speculative execution – in which the chip tries to guess which computations it will carry out ahead of time in an effort to speed up the chip.
The so-called Meltdown and Spectre flaws came to be known as side-channel attacks.
The flaws – along with how Intel handled its public response – sent its stock price tumbling as investors guessed about how customers would respond to the headaches of patches and performance slowdowns.
Intel also faced questions from lawmakers about why it did not disclose the vulnerability to US cybersecurity officials before it was made public.
At the time, security researchers and Intel said similar side-channel flaws were likely to be found in the future. Intel said yesterday its security researchers found the new flaws, which were also reported to Intel by external security researchers.