https://www.nytimes.com/2019/11/12/technology/intel-chip-fix.html
By Kim Zetter
The New York Times
November 12, 2019
Last May, when Intel released a patch for a group of security vulnerabilities
researchers had found in the company’s computer processors, Intel implied that
all the problems were solved.
But that wasn’t entirely true, according to Dutch researchers at Vrije
Universiteit Amsterdam who discovered the vulnerabilities and first reported
them to the tech giant in September 2018. The software patch meant to fix the
processor problem addressed only some of the issues the researchers had found.
It would be another six months before a second patch, publicly disclosed by the
company on Tuesday, would fix all of the vulnerabilities Intel indicated were
fixed in May, the researchers said in a recent interview.
The public message from Intel was “everything is fixed,” said Cristiano
Giuffrida, a professor of computer science at Vrije Universiteit Amsterdam and
one of the researchers who reported the vulnerabilities. “And we knew that was
not accurate.”
The Intel flaws, like other high-profile vulnerabilities the computer security
community has recently discovered in computer chips, allowed an attacker to
extract passwords, encryption keys and other sensitive data from processors in
desktop computers, laptops and cloud-computing servers.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
