BREAKING NEWS : Allen County Councilman Joel Benz plans to accept TRAA executive director position Full Story

Major chip flaws affect billions of devices

Two major flaws in computer chips could leave a huge number of computers and smartphones vulnerable to security conce...

Posted: Jan 4, 2018 3:09 PM
Updated: Jan 4, 2018 3:09 PM

Two major flaws in computer chips could leave a huge number of computers and smartphones vulnerable to security concerns, researchers revealed Wednesday.

And a U.S. government-backed body warned that the chips themselves need to be replaced to completely fix the problems.

The flaws could allow an attacker to read sensitive data stored in the memory, like passwords, or look at what tabs someone has open on their computer, researchers found. Daniel Gruss, a researcher from Graz University of Technology who helped identify the flaw, said it may be difficult to execute an attack, but billions of devices were impacted.

Called Meltdown and Spectre, the flaws exist in processors, a building block of computers that acts as the brain. Modern processors are designed to perform something called "speculative execution." That means they predict what tasks they will be asked to execute and rapidly access multiple areas of memory at the same time.

Related: The year tech took a dark turn

That data is supposed to be protected and isolated, but researchers discovered that in some cases, the information can be exposed while the processor queues it up.

Researchers say almost every computing system -- desktops, laptops, smartphones, and cloud servers -- is affected by the Spectre bug. Meltdown appears to be specific to Intel chips.

"More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors," the researchers said.

Government agencies issued statements warning users about the vulnerabilities.

The U.S. Computer Emergency Readiness Team said that while the flaws "could allow an attacker to obtain access to sensitive information," it's not so far aware of anyone doing so.

The agency urged people to read a detailed statement on the vulnerabilities by the Software Engineering Institute, a U.S.-government funded body that researches cybersecurity problems.

The institute said that "fully removing the vulnerability requires replacing vulnerable [processor] hardware."

It said the problems affect technology giants including Apple, Google and Microsoft.

The U.S. Computer Emergency Readiness Team recommended that users read advice posted online by Microsoft and software company Mozilla.

The U.K.'s National Cyber Security Center advised organizations and individuals to "continue to protect their systems from threats by installing patches as soon as they become available."

Google programmer Jann Horn of Project Zero was one of the researchers who discovered the flaws. In a blog post, he said his group alerted chipmakers to the issues in June. Since last fall, security researchers and companies have investigated and updated software systems to address the flaws.

Related: Hackers take advantage of bitcoin's wild ride

Intel chips are found in everything from personal computers to medical equipment. The company's shares were down 3% on Wednesday.

The company said in a press release that "many types of computing devices - with many different vendors' processors and operating systems - are susceptible to these exploits."

Intel said it is working with other chipmakers, including AMD and ARM Holdings, to solve the issue. ARM said in a statement a small subset of its processors are susceptible to the flaws. AMD said in a statement there is a "near zero risk of exploitation" for one of the security issues, due to architecture differences.

A fix requires both the chip manufacturers and software makers to update their products before pushing it out.

Estimates posted on Linux message boards suggested computer performance could slow down between 5% and 30% once patched, however Intel said users will not see significant performance changes.

Tech website The Register was first to report the processor flaws on Tuesday.

A spokesperson for Microsoft told CNNMoney the company is aware of the issue and is in the process of deploying mitigations to cloud services and has released security updates to protect Windows users.

Related: The hacks that left us exposed in 2017

Google's Cloud Platform has been updated to prevent the vulnerabilities, the company said.

Amazon said in a statement most of its cloud computing machines affected by the flaw are already protected, but it is updating the rest on Wednesday.

Researchers said patches were available for Apple's OS X. The company did not respond to a request for comment.

It's important for all users to update their devices when new updates are released.

Flaws in chips are unusual. Back in 1994, a major error in Intel's Pentium processor caused computers to incorrectly calculate results.

-- Jethro Mullen contributed to this report.

Indiana Coronavirus Cases

Data is updated nightly.

Cases: 941120

Reported Deaths: 15315
CountyCasesDeaths
Marion1282511983
Lake633041097
Allen53609758
Hamilton43827447
St. Joseph41906590
Elkhart33545490
Vanderburgh30383448
Tippecanoe26820249
Johnson23609417
Hendricks22250341
Porter21737346
Clark17409229
Madison17366384
Vigo16108281
Monroe14466191
LaPorte14311239
Delaware14070221
Howard13865272
Kosciusko11418135
Hancock10841165
Warrick10674177
Bartholomew10542168
Floyd10430205
Wayne9959226
Grant9130204
Morgan8865160
Boone8389111
Dubois7710123
Dearborn762289
Henry7608130
Noble7413101
Marshall7362128
Cass7176117
Lawrence6957153
Shelby6584111
Jackson656785
Gibson6156107
Harrison603786
Huntington600195
Montgomery5805105
DeKalb574291
Knox5494104
Miami542488
Putnam536768
Clinton533665
Whitley524953
Steuben497268
Wabash483592
Jasper479160
Jefferson470092
Ripley454277
Adams444068
Daviess4169108
Scott405865
White391857
Clay390857
Greene388392
Decatur385296
Wells384983
Fayette374278
Posey359941
Jennings353156
Washington332047
LaGrange321375
Spencer317835
Fountain316555
Randolph312888
Sullivan307449
Owen283863
Starke280064
Fulton277553
Orange275859
Jay254837
Perry251652
Carroll243729
Franklin239338
Rush234130
Vermillion233250
Parke219820
Tipton209655
Pike207639
Blackford168334
Pulaski163551
Crawford146018
Newton144345
Benton142516
Brown135346
Martin128217
Switzerland125810
Warren114616
Union96911
Ohio79711
Unassigned0479

Ohio Coronavirus Cases

Data is updated nightly.

Cases: 1365800

Reported Deaths: 21596
CountyCasesDeaths
Franklin1522221560
Cuyahoga1344852327
Hamilton976051320
Montgomery670271141
Summit562091047
Lucas50900863
Butler47417655
Stark41580976
Lorain31567532
Warren30001331
Mahoning26963639
Clermont25628292
Lake24585417
Delaware22313145
Licking20487241
Fairfield20420221
Greene20309272
Trumbull19866509
Medina19796287
Clark17879328
Richland16314234
Portage16130229
Wood15681208
Allen14115256
Miami13786253
Muskingum12641152
Wayne11946238
Columbiana11708241
Tuscarawas10953269
Marion10725148
Pickaway10465129
Scioto10324127
Erie9747171
Ross9436176
Lawrence8755125
Hancock8458141
Ashtabula8317185
Geauga8173156
Belmont8140187
Jefferson7527172
Huron7423128
Union731851
Washington7183120
Athens697165
Sandusky6848134
Darke6756136
Knox6671122
Seneca6358137
Ashland5948113
Auglaize587188
Shelby5727101
Brown564171
Mercer557890
Defiance5483101
Madison543371
Crawford5425114
Highland541581
Fulton530683
Clinton525580
Logan512182
Preble4994110
Putnam4833106
Guernsey470364
Williams459282
Perry449852
Champaign445964
Ottawa436884
Jackson425362
Pike388843
Morrow383851
Fayette375853
Coshocton374766
Adams360675
Hardin359069
Gallia347356
Holmes3259108
Henry324668
Van Wert314670
Hocking301769
Wyandot280658
Carroll262652
Paulding242243
Meigs213942
Monroe189749
Noble169340
Morgan165829
Harrison157940
Vinton138118
Unassigned05
Fort Wayne
Clear
46° wxIcon
Hi: 72° Lo: 47°
Feels Like: 41°
Angola
Partly Cloudy
52° wxIcon
Hi: 71° Lo: 46°
Feels Like: 52°
Huntington
Clear
46° wxIcon
Hi: 72° Lo: 46°
Feels Like: 41°
Decatur
Partly Cloudy
46° wxIcon
Hi: 72° Lo: 47°
Feels Like: 41°
Van Wert
Partly Cloudy
51° wxIcon
Hi: 72° Lo: 47°
Feels Like: 51°
Sunshine and warmer air return to round out the work week, but the warm-up is brief.
WFFT Radar
WFFT Temperatures
WFFT National

Community Events