Intel discloses three more chip flaws

Intel has disclosed three more possible flaws in some of its microprocessors that can be exploited to gain access to certain data from computer memory.

Its commonly used Core and Xeon processors were among the products that were affected, the U.S. chipmaker said.

“We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices," wrote Leslie Culbertson, executive vice president of security at Intel, via a blog post.

“Once systems are updated, we expect the risk to consumer and enterprise users running non-virtualised operating systems will be low.

“This includes most of the data centre installed base and the vast majority of PC clients.

“In these cases, we haven’t seen any meaningful performance impact from the above mitigations based on the benchmarks we’ve run on our test systems.”

Culbertson said there is a portion of the market - “specifically a subset of those running traditional virtualisation technology, and primarily in the data centre” - where it may be advisable that customers or partners take additional steps to protect systems.

“This is principally to safeguard against situations where the IT administrator or cloud provider cannot guarantee that all virtualised operating systems have been updated,” Culbertson advised.

“These actions may include enabling specific hypervisor core scheduling features or choosing not to use hyper-threading in some specific scenarios.

“While these additional steps might be applicable to a relatively small portion of the market, we think it’s important to provide solutions for all our customers.”

Intel also released updates to address the issue and said new updates coupled those released earlier in the year will reduce the risk for users, including personal computer clients and data centres.

In January, the vendor came under scrutiny after security researchers disclosed flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel, Advanced Micro Devices and ARM Holdings.

AMD on Tuesday said it was not impacted by the new flaws disclosed by Intel.

(Reporting by Munsif Vengattil and Sonam Rai in Bengaluru; Editing by Arun Koyyur and James Henderson)