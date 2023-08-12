A serious vulnerability called Downfall has recently been discovered in certain Intel processors, potentially affecting billions of chips. While the best CPUs are not impacted, the researcher who discovered the vulnerability warns that “everyone on the internet is affected.” The flaw allows skilled hackers to steal sensitive data, including passwords, from affected computers.

Downfall targets the Gather Instruction in Intel chips, which is responsible for quickly accessing data spread across different parts of the memory. However, with the vulnerability, internal hardware registers become exposed to software. If the software is compromised, hackers can exploit this exposure to seize sensitive data from the PC.

The vulnerability affects Intel’s mainstream and server processor lineups, from Skylake to Rocket Lake. Unless you have upgraded your CPU in the past few years, you are likely affected. Cloud computing environments using Intel servers are also at risk, as a malicious customer could potentially exploit the vulnerability to steal data from other customers sharing the same cloud computer.

Intel has already released a fix for Downfall. However, implementing the fix results in a significant performance loss, with Intel estimating it could be up to 50%, particularly impacting AI-related workloads and high-performance computing (HPC) tasks.

Phoronix conducted tests on Linux using different CPUs, including Xeon Platinum 8380, Xeon Gold 6226R, and Intel Core i7-1165G7. The performance losses ranged from 6% to 39%, which, although lower than Intel’s prediction, is still substantial.

Users who are not concerned about the vulnerability can choose not to update their processors and opt out of the additional mitigation measures, thereby restoring their CPU’s full performance. However, it is recommended to update the firmware and apply the fix to prevent the potential leakage of sensitive data.

In conclusion, the Downfall vulnerability in Intel processors poses a serious threat to the security of sensitive data. Users are advised to take necessary precautions and update their systems accordingly.