A major security vulnerability and performance issue has been discovered in virtually all Intel chipsets, researchers and analysts warn. A fundamental design flaw in Intel's processor chips has forced the company to undergo a significant redesign of the Linux and Windows kernels to resolve the chip-level security bug. Linux and Windows programmers are busy working on updates that should resolve the security vulnerability, but could result in a performance hit for Intel chipsets upwards of 30%.
Specific details of the vulnerability are under embargo until later this month.
Generally however, it is believed that the bug has existed in many Intel products for the better part of the last decade. It's also believed that the security flaw within the Intel chipsets could be (ab)used to allow programs to gain access to user passwords, login metadata and other "protected information" on the impacted computer.
While Windows and Linux can be patched via software and should be soon (again, albeit with a performance hit), reports indicate that Apple's 64-bit macOS can't be resolved with a microcode update, resulting in Apple either needing to fix the problem via software at the OS level, or users going out and getting a new Intel chipset.
"The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI," a report in the Register says of the resolution. "At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers."Those interested can find a little more detail via this thread
in our security forum.