Spectre's spectre and Meltdwon's blown security breaches have caused widespread concern recently. As a chip giant with superior technical strength, Intel’s actions are also decisive and rapid. On the one hand, existing products are repaired, and on the other hand, future products are also being adjusted.
Intel CEO Ke Zaiqi personally wrote the article and announced the latest progress of this loophole. It is quite encouraging.
Ke Zaiqi first stated that this incident has brought unprecedented challenges to the entire industry. Thousands of engineers all over the world work tirelessly to protect customers and their data. Even competitors are closely cooperating. Qi expressed sincere thanks to all people.
In the CES exhibition at the beginning of this year, Ke Zaiqi also made a clear commitment to safety when giving speeches, including customer priority in emergencies, transparency, communication and contact at the first time, continuous security.
Ke Qiqi announced that For Intel's processors released over the past five years, 100% have obtained microcode updates that bypass the boundary checking vulnerability (the first form of ghost bugs).
Next, these microcodes will be pushed to users in succession with the motherboard BIOS, system patches.
For the second way of Spooky Vulnerability (Branch Destination Injection) and the Fuse Vulnerability (Malastic Data Cache Injection), Intel has redesigned the relevant parts of the processor architecture, introducing a new protection mechanism at the application and user privilege level. A new firewall was built to isolate malicious code.
This change will come first from the next-generation Xeon Scalable to highly scalable processors codenamed Cascade Lake, and the eighth-generation Core processors shipped in the second half of the year.
Intel's eight-generation Core currently has a low-power mobile version of Kaby Lake-R, desktop version of Coffee Lake-S, and will soon release high-performance mobile version of Coffee Lake-H, they naturally missed the new design.
The eighth-generation Core Core in the second half of this year should be the last part, that is, Intel's First Canon Lake Using 10nm Process Product For low-power mobile platforms.
In other words, from the second half of the year, Intel's future processors will all be immune to the specter and blow holes.
The following is the official Intel official announcement -
Intel CEO Krishna: Enhancing security from the chip level
Later this year, hardware-level protection will be applied to data centers and PC products.
In order to address the security holes discovered by the Google Project Zero team earlier this year, Intel and the technology industry faced a major challenge. Thousands of colleagues across the industry have worked tirelessly to ensure that we can deliver on our common primary promise: To protect customers and theirs Data. I have humility and sincere gratitude for the commitment and hard work shown by many colleagues around the world. And I am convinced that when companies need urgent help, companies, even competitors, will work together to cope.
But there is still a lot of work to be done. The security situation is constantly evolving. We know that there will always be new threats. This prompted me to draft in January a pledge to “save safety first.” Intel has always been very concerned about security, and now, We stand firmer than ever before on the principles I have stated in these commitments: The urgency of the customer first, transparent and timely communication, and ongoing security.
Today, I would like to provide some updates to illustrate our continued progress in fulfilling these commitments. First, we have now released microcode updates for all Intel products released over the past five years in order to protect against Google’s discovery of side channel approach. Vulnerabilities for attack. Second, I would like to express my appreciation to all industry partners and express my gratitude. They work closely with us to develop and test these updates, and to ensure that these updates have been productized.
These updates are now in place and I encourage everyone to ensure that their systems are always up-to-date. This is one of the easiest ways to achieve lasting protection. I would also like to take this opportunity to share more about our future defenses at the hardware level. Details of these vulnerabilities. This is also my commitment at Intel's recent earnings conference call.
Vulnerability variant 1 will continue to be dealt with through software defense. At the same time, we are changing the hardware design to further address two other vulnerabilities. We have redesigned some components of the processor to introduce new levels of protection through partitioning. This will also protect against vulnerabilities variant 2 and variant 3. This partition can be viewed as an additional 'protection wall' between application and user privilege levels to set a barrier for intruders.
These changes will be the first to be applied to our next-generation Xeon Extensible Processors (codenamed Cascade Lake) and 8th generation Intel Core processors expected to ship in the second half of 2018. When these new products become available, the key It is to ensure that they provide the performance improvements people expect. Our goal is not only to provide the best performance, but also to provide the safest performance.
However, our work is not over yet. This is not a one-time event, but a long-term commitment. We attach great importance to this. Customer first urgency, transparent and timely communication, and continuous security. This is Our commitment, my commitment to all Intel employees.
