UPDATE: Microsoft’s update for this issue is now available: Microsoft Delivers Out-of-Band Update to Patch Intel Processor Flaw, But Gotchas Exist in AV Products
Microsoft will reportedly address a severe Intel security bug during its Patch Tuesday event next week. However, according to reports, this bug is so severe that any attempt to fix it through software updates will diminish processing power by at least 30 percent. That’s huge.
Companies will be torn on this one. Do companies delay patching to keep the user base happy or go ahead and take the processor performance hit to secure the environment?
According to reports, this bug is severe enough that it can be exploited at anytime, and can have a huge affect on virtualized environments, i.e., datacenter and cloud servers – including cloud providers such as Microsoft Azure, Amazon AWS, Google Compute, and others. Both Microsoft and Amazon have scheduled maintenance windows over the next week to deal with this. And even though companies should prepare for a patch from Microsoft, this is not just a Microsoft problem. Again, this is a hardware-level problem with Intel CPUs, which means it also affects Linux or any other OS running on the affected CPUs.
Interestingly, AMD processors are not affected.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!