A lot of noise on the internet, after Intel confirm that chips have a bug:
https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
This post is to bring some light on this.
1- Intel says is not only their chips affected
2- PCID (Process-Context Identifiers), a chip feature, has a bug that allow apps (malware) to read data
3- Process-context identifiers (PCIDs) are a facility by which a logical processor may cache information for multiple linear-address spaces. The processor may retain cached information when software switches to a different linear address space with a different PCID.
4- Macintosh and Linux OS are also affected.
Rumors:
1- If you have Haswell (4th-gen) or newer, PCID (Process-Context Identifiers) is enabled.
2- After apply the patch, performance is going to be slower on newer CPU. Around 5 to 10%.
2- Still if you have older CPU, performance will be affected worse than newer CPUs.
3- To be affected you must have a OS 64 bits. {Correction: 32bits has vulnerability, MS still working on this)
Just as I'm writing this, Linus Torvalds and his team are working on this too:
https://lkml.org/lkml/2018/1/2/703
https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgbkxe%40alap3.anarazel.de
Can we get a word from Microsoft?
For windows, What patch is going to address this? (Update: Patch links and KB are listed on postings)
Is that is going to be on the Montly Rollup and/or Security only patches? (Update: See the links posted)
If performance is going to suffer, can we be able to uninstall such patch? (Update: Microsoft published a document about it, See the links posted)
Please, any info will be appreciated.
