Microsoft says security patches slowing down PCs,
servers
Send a link to a friend
 [January 10, 2018]
By Eric Auchard and Supantha Mukherjee
(Reuters) - Microsoft Corp <MSFT.O> said on
Tuesday that software patches released to guard against microchip
security threats slowed down some personal computers and servers, with
systems running on older Intel Corp processors seeing a noticeable
decrease in performance.
The comments in a blog post were the clearest signal from Microsoft that
fixes for flaws in microchips from Intel and rivals described last week
could meaningfully degrade performance. The topic is of keen interest to
large data center operators, which could incur significant cost
increases if computers slow down.
Microsoft also said that security updates froze some computers using
chipsets from Intel rival AMD <AMD.O>, dragging AMD's shares down nearly
4 percent.
Shares in Intel, which reiterated on Tuesday that it saw no sign of
significant slowdown in computers, fell 2.5 percent taking the loss
since the issue surfaced last week to about 7 percent or around $15
billion in market value.
AMD shares have gained nearly 20 percent in the last week as investors
speculated that the chipmaker could wrest market share from Intel, whose
chips were most exposed to the security flaws.
Security researchers disclosed the flaws on Jan. 3 that affected nearly
every modern computing device containing chips from Intel, AMD and ARM
Holdings, owned by Japan's SoftBank Group Corp <9984.T>.
"We (and others in the industry) had learned of this vulnerability under
nondisclosure agreement several months ago and immediately began
developing engineering mitigations and updating our cloud
infrastructure," Microsoft executive Terry Myerson wrote in a blog post
on Tuesday. (http://bit.ly/2mj6f3Q)
Internet and networking equipment maker Cisco Systems Inc <CSCO.O> said
in a security advisory updated on Tuesday that it has identified 18
vulnerable products, including some of its blade servers, rack servers
and routers, and expects to have patches for servers in about five
weeks, on February 18.
Cisco said it is also looking for problems in nearly 30 other products,
including switches and routers. The majority of Cisco's products were
not vulnerable because they are "closed systems that do not allow
customers to run custom code on the device," it said. The memory
corruption flaws, named Meltdown and Spectre, could allow hackers to
bypass operating systems and other security software to steal passwords
or encryption keys on most types of computers, phones and cloud-based
servers.
[to top of second column] |
The Microsoft logo is
shown on an electric car at the Auto Show in Los Angeles,
California, U.S., November 28, 2017. REUTERS/Mike Blake
ARM Holdings estimated that around 5 percent of more than 120 billion chips its
partners have shipped since 1991 was impacted by Spectre. It said the number of
chips affected by Meltdown was significantly less.
"ARM will address Spectre in future processors but there will need to be an
ongoing discipline in the design of secure systems which needs to be addressed
through both software and hardware," a company spokesman said in an emailed
statement.
Intel and AMD have not disclosed the number of chips affected by the security
flaws.
Intel said a typical home and business PC user should not see significant
slowdowns in common tasks such as reading email, writing a document or accessing
digital photos. (http://intel.ly/2FiL0Hk)
The chipmaker said last week that fixes for security issues in its microchips
would not slow down computers, rebuffing concerns that the flaws would
significantly reduce performance.
Rival AMD had also played down the threat, saying its products were at "zero
risk" from the Meltdown flaw, but that one variant of the Spectre bug could be
resolved by software updates from vendors such as Microsoft.
But on Tuesday AMD said it was aware of an issue with some older-generation
processors following the installation of a Microsoft security update that was
published over the weekend.
Microsoft said it was working with AMD to resolve the issues.
Apple Inc <AAPL.O> also released an updated version of its operating system
software on Monday to fix the security flaw.
(Reporting by Eric Auchard in Frankfurt, Jim Finkle in Toronto and Supantha
Mukherjee and Sonam Rai in Bengaluru; Editing by Shounak Dasgupta and Lisa
Shumaker)
[© 2018 Thomson Reuters. All rights
reserved.] Copyright 2018 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
