Intel promised hardware protection in its chips in the aftermath of the Spectre and Meltdown discovery, and now it’s detailing just what it has planned for its new CPUs. The chipmaker found its processors under the spotlight back in January, when Google Project Zero and others discovered low-level vulnerabilities in several generations of Intel chips that could potentially allow hackers to exploit consumer and enterprise systems.
Each exploit takes advantage of the fact that modern processors attempt to execute code that the CPU expects to be needed next. With that knowledge, hackers could potentially access what’s meant to be protected kernel space memory and inject malicious code for the chip to unwittingly run.
In an update on the situation shared by CEO Brian Krzanich, Intel says it has now finished patching all of its products from the past five years that are vulnerable to side-channel method hacks. That’s Spectre Variant 1, and it means that if you’ve got a Sandy Bridge or newer chip, Intel has new microcodes for you to install. Of course, depending on the age of your system, the software fix could have a significantly detrimental impact on performance, unfortunately.
It’s the hardware changes Intel has in mind which are arguably more interesting, however. According to Krzanich, Spectre Variant 1 of the exploits will continue to be dealt with by software patches. However, Spectre Variant 2 and Meltdown Variant 3 will rely on a processor redesign. This “partitioning” will add extra barriers between applications and user privilege levels, the chief exec explains.
The exact details behind those “protective walls,” as Krzanich describes them, is unclear at this stage. One possibility is merely that the same software fixes the company has developed could be integrated at a chip-level.
Of course, if you want the hardware protection, that means you’ll have to upgrade your processors – something we can’t imagine Intel is too disappointed at the idea of. According tot he chip-maker, the new Variant 2/3 protected designs will roll out with the next-generation Xeon Scalable processors, aka Cascade Lake, for server users. For consumers, meanwhile, they’ll arrive inthe 8th Generation Intel Core processors which are on track to ship in the second half of this year.
“As we bring these new products to market, ensuring that they deliver the performance improvements people expect from us is critical,” Krzanich points out. “Our goal is to offer not only the best performance, but also the best secure performance.”