Intel CPUs Leaking Passwords & Killing Performance
A recent vulnerability has been discovered in some Intel processors, with billions possibly affected, some saying “everyone on the internet is affected,” and skilled hackers now gaining the opportunity to steal sensitive data including passwords.
It’s been reported that Gather Instruction in Intel chips, which usually helps CPUs access various data quickly, now has a flaw when internal hardware registers can be exposed to software. And if compromised, hackers will be able to seize sensitive data.
Affected CPUs all belong to Intel’s mainstream and server processor lineups, including Skylake and Rocket Lake. If a user hasn’t upgraded their CPU in the last few years, they are affected.
There are reports suggesting even cloud computing environments could be affected, due to Intel dominating the server market. This is where hackers could exploit the vulnerability and steal data and credentials from other consumers on the same cloud computer.
Intel have already released a fix to the situation, however it’s resulting in huge performance loss. Intel said it would release a new microcode for chips affected, and recommends users update their firmware.
Intel are estimating a performance loss of up to 50%, with AVX instructions affected most. This means AI related workloads, and high performance computing tasks will be hit hard.
The impact was tested on four different CPUs, ranging in performance losses from 6% to 39%.
Intel are also allowing users to opt out of the extra mitigation for the full performance of the CPU restored.