Programmers at Intel, Microsoft, and other organizations are working to patch a serious security flaw in Intel processors that could leave protected data on PCs and servers vulnerable to hacks and malicious software.

The flaw, which appears to affect all Intel chips made over the past 10 years or so, opens up the potential for bad actors to exploit the kernels at the heart of Linux- and Windows-based operating systems. Details about how such exploits might work have been kept largely under wraps until patches can be developed and applied. And Intel has yet to comment publicly on the processor vulnerability.

Some Linux patches have already been released, and Microsoft could make a fix available during next week's Patch Tuesday. However, those solutions could significantly slow device speeds -- anywhere between 5 percent and 30 percent, according to recent reports. That could affect not only business and consumer PCs but servers run by cloud services giants, such as Amazon, Google, and Microsoft.

Flaw Details under Embargo

While news about the Intel chip flaw and its possible fixes has been circulating in the developer and programmer world for a few months, the problem has just recently come to light for mainstream computer users. The Register noted yesterday that details about the bug are currently embargoed pending the release of effective patches.

The vulnerability "allows normal user programs -- from database applications to JavaScript in web browsers -- to discern to some extent the layout or contents of protected kernel memory areas," The Register reported. "The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI."

The problem with such KPTI fixes is that they require systems to switch from the address space used for process virtual memory to a separate address space for kernel memory every time a program needs to enter kernel mode.

"The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 percent slow down, depending on the task and the processor model," The Register reported. "More recent Intel chips have features -- such as PCID [process-context identifiers] -- to reduce the performance hit."
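As an added example (not from the article, The Register, or any vendor it mentions), the shell script below reads Linux /proc/cpuinfo-style text and reports whether page-table isolation is active and whether the CPU advertises PCID. It assumes the `pti` and `pcid` flag names that Linux kernels carrying the isolation patches list in /proc/cpuinfo; the function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise KPTI and PCID state from /proc/cpuinfo-style text.
# Assumption: the kernel exposes "pti" (isolation active) and "pcid"
# (process-context identifiers) in the "flags" line.

# cpu_flags FILE: print the first CPU's flags, one per line.
cpu_flags() {
    awk -F: '/^flags[ \t]*:/ {
        n = split($2, f, " ")
        for (i = 1; i <= n; i++) print f[i]
        exit
    }' "$1"
}

# has_flag FILE FLAG: succeed only on an exact flag match, so that
# "invpcid" is never mistaken for "pcid".
has_flag() {
    cpu_flags "$1" | grep -qx -- "$2"
}

# kpti_status [FILE]: print pti-not-active, pti-on-pcid or pti-on-no-pcid.
# A missing "pti" flag means isolation is not active on this boot; it does
# not by itself say whether the CPU needs it.
kpti_status() {
    file=${1:-/proc/cpuinfo}
    if ! has_flag "$file" pti; then
        echo "pti-not-active"
    elif has_flag "$file" pcid; then
        echo "pti-on-pcid"          # performance hit reduced by PCID
    else
        echo "pti-on-no-pcid"       # expect the larger slowdown
    fi
}

# Constructed sample inputs (not captured from real machines).
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
printf 'processor\t: 0\nflags\t\t: fpu vme pcid invpcid pti\n' > "$tmp/patched_pcid"
printf 'processor\t: 0\nflags\t\t: fpu vme invpcid pti\n' > "$tmp/patched_nopcid"
printf 'processor\t: 0\nflags\t\t: fpu vme pcid\n' > "$tmp/unpatched"

for f in patched_pcid patched_nopcid unpatched; do
    printf '%s: %s\n' "$f" "$(kpti_status "$tmp/$f")"
done
```

Called with no argument, `kpti_status` reads the live /proc/cpuinfo, which makes it usable as a fleet inventory check after patches are applied.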

The Register also noted that some Linux developers working on a patch were frustrated to the point that they considered naming the fix "Forcefully Unmap Complete Kernel With Interrupt Trampolines," or F*CKWIT.

No Issue with AMD Chips

Microsoft has scheduled a Jan. 10 security and maintenance update for customers running cloud-based Azure virtual machines, and Amazon has notified its EC2 cloud customers that it's planning similar updates sometime between Friday and Saturday. Both appear to be aimed at addressing the Intel processor vulnerability.

On Monday, a developer who blogs under the name Python Sweetness posted an overview of Linux Page Table Isolation patch activity that noted the flaw could also impact users of Google's Compute Engine. He cited recent discussions on the Linux and Unix news site LWN.net.

"On the kernel mailing list we can see, in addition to the names of subsystem maintainers, e-mail addresses belonging to employees of Intel, Amazon and Google," Python Sweetness said. "The presence of the two largest cloud providers is particularly interesting, as this provides us with a strong clue that the work may be motivated in large part by virtualization security."

On another Linux site, the Linux Kernel Mailing List, AMD software engineer Thomas Lendacky observed in late December that AMD processors do not appear to have the same vulnerability as Intel chips. Coupled with the latest revelations about the Intel flaw, that news appears to have helped drive up the value of AMD shares today, while Intel's stock price has dropped significantly.