In-brief: Intel has warned users not to install patches it released for the Spectre and Meltdown vulnerabilities in its processors, asking them to wait until it issues new software, which it’s working on now. Finding out your device has vulnerabilities is bad enough, but finding out the patched issued to fix them are “complete and utter garbage,” according to Linux creator Linus Torvalds, is even worse. This is what faced users of devices with Intel processors on Monday when Intel warned them not to install the patches the company already had released for the Spectre and Meltdown vulnerabilities. In a blog post, Navin Shenoy, Intel’s executive vice president and general manager of the Data Center Group, said the company had identified the root cause of a frequent-reboot problem that was affecting customers who’d installed its patches for these vulnerabilities. In the meantime, don’t install the patches nor tell customers or […]
Google has come forward to claim responsibility for discovering a pair of serious security holes in Intel processors that run almost 9 in 10 computers in the world. And worse: the company has echoed a statement by Intel yesterday that the flaws are not specific to that company’s chips. Contrary to published reports, a blog post on the Google Security Blog by Matt Linton, a Senior Security Engineer at Google and Pat Parseghian, a Technical Program Manager said that flaws dubbed “Specter” (PDF) and “Meltdown” (PDF) are not limited to chips by Intel, but exist in central processing unit (CPU) chips by a wide range of vendors including Intel, AMD and ARM. Google discovered the flaws The flaws were discovered by Jann Horn, a researcher for Google’s Project Zero security team, discovered the flaw and showed how malicious actors could game a common CPU feature known as “speculative execution” to […]
In-brief: the disclosure of a critical flaw in remote management software by Intel followed the company’s move, in March, to begin offering cash bounties for information about software vulnerabilities, an Intel spokesman confirmed.
In-brief: Intel issued a patch for a serious vulnerability in firmware that has shipped with its chipsets for almost nine years, but it could take months for patches to reach affected customers from OEMs. (Editor’s note: updated with analysis from Matthew Garrett. PFR May 2, 2017.)
In-brief: After a fall from grace in the mobile handset business, Nokia is betting that its ability to do scale and security will help its Impact IoT platform best a crowded field. We speak with Rajesh Kashawa, head of Nokia’s Internet of Things Business Unit.