Thursday, 4 January 2018

Tech firms working to fix 'serious' computer chip flaws



Tech firms are working to fix two major bugs in computer chips that could allow hackers to steal sensitive data.

 
The bugs are an "absolute disaster" and need to be fixed promptly, according to one cyber-security researcher.


Google researchers said one of the "serious security flaws", dubbed "Spectre", was found in chips made by Intel, AMD and ARM.


The other, known as "Meltdown" affects Intel-made chips.


The industry has been aware of the problem for months and hoped to solve it before details were made public.
The UK's National Cyber Security Centre (NCSC) said there was no evidence that the vulnerability had been exploited.


It has issued guidance about Meltdown and Spectre, including advice on what people can do to protect themselves.


According to the researchers who found the bugs, chips dating as far back as 1995 have been affected.


Some fixes, in the form of software updates, have been introduced or will be available in the next few days, said Intel, which provides chips to about 80% of desktop computers and 90% of laptops worldwide.


"These bugs are an absolute disaster," said Matthew Hickey, a cyber-security expert at Hacker House.


While some computers can be patched quickly, others faced a longer wait, he explained, giving virtual hosting systems as one example.


"You may find that patches aren't yet available or are not adopted from the Linux patches yet," he told the BBC.




BBC         News.