Intel says it has redesigned its 8th-generation Xeon and Core processors to address Spectre and Meltdown vulnerabilities. The design-level fixes are on top of the software updates released early this year. The leading PC chipmaker says the updated design will now patch 100 percent of the known critical vulnerabilities.
Spectre and Meltdown, two of the most critical vulnerabilities affecting chips designed over the last two decades, were first discovered by Google Project Zero team and made public early this year. The revelation of these vulnerabilities led to chip manufacturers, software makers and developers scrambled to patch their products with software fixes. However, the software fixes released by Microsoft and Intel were found to have multiple bugs and disappointingly, these security fixes also compromised the performance of all machines.
Intel says that the hardware changes will stop attacks by the Spectre variant and Meltdown variant 3 vulnerabilities, but the software update will be required to patch Spectre variant 1 weakness. CEO Krzanich adds that future chips from the silicon manufacturer will have new layers of protection through partitioning. “Think of this partitioning as additional “protective walls” between applications and user privilege levels to create an obstacle for bad actors,” Krzanich wrote.
The design changes will appear with next-generation Xeon Scalable processors (also called Cascade Lake) as well as the 8th generation Core processors expected to ship in the second half of 2018. Krzanich, however, did not confirm whether these changes in the architecture will lead to any compromise in performance. “As we bring these new products to market, ensuring that they deliver the performance improvements people expect from us is critical,” he wrote.
Intel and other tech companies have downplayed the extent and impact of Spectre and Meltdown vulnerabilities. While there are no known exploits of these vulnerabilities, Intel has been hit with over 32 class action lawsuit. The chipmaker was also asked to appear before the Congress to explain actions it has taken to address the exploits. Since the vulnerabilities became public, Intel has promised to be more transparent with its efforts and the announcement seems to be a step in that direction.