With nearly the entire IT industry still getting to grips with the Spectre and Meltdown vulnerabilities found in CPUs, Intel's CEO promised that a more permanent silicon fix would arrive later this year.
In a call with analysts to discuss the company's fourth-quarter financial results, Intel Corp. (Nasdaq: INTC) CEO Brian Krzanich said that new chips that correct the Spectre and Meltdown flaws would ship later this year, although he did not give a specific timeframe.
"We're working to incorporate silicon-based changes to future products that will directly address the Spectre and Meltdown threats in hardware. And those products will begin appearing later this year," the CEO stated, according to a transcript of the January 25 call.
Intel CEO Brian Krzanich
While some have argued that these two security flaws have been part of CPU architecture for the past 20 years, a research report published earlier this year highlighted that attackers could use these vulnerabilities to hack into the hardware itself. Specifically, the researchers found that by manipulating pre-executed commands within the chip, which help make data available faster, hackers can gain access to the content of the kernel memory.
This, in turn, can allow the hacker to gain access to encryption keys and other authentication details of whatever system the CPU is running in.
While Intel, which is the world's largest maker of x86 chips, has taken the brunt of the criticism, other chip suppliers, such as Advanced Micro Devices Inc. (NYSE: AMD) and ARM Ltd. , have also been called on to answer for the Spectre and Meltdown vulnerabilities. (See Congressman Looking for Answers About Spectre & Meltdown.)
Still, Intel has managed to bungle some of the response to the vulnerabilities since early January when the paper first came out. A series of BIOS patches caused additional problems with performance, and the company was forced to withdraw those and start again. (See HPE, Dell EMC Warn Customers Over Spectre, Meltdown Patches.)
After that, Linux founder Linus Torvalds took to a message board earlier this week and slammed Intel's response as "complete and utter garbage." (See Linus Torvalds: Intel's Spectre Patch Is 'Complete & Utter Garbage'.)
The fundamentals of network security are being redefined – don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth annual Big Communications Event. There's still time to register and communications service providers get in free!
While Krzanich did not dwell on Spectre and Meltdown for long during Thursday's call, he did note that the company has allocated significant resources to fixing the problem and has updated its risk assessments to reflect these ongoing problems. "I've assigned some of the very best minds at Intel to work through this and we're making progress," he added.
The good news for Intel is that it produced a solid fourth quarter that sent the company's stock up almost 4% in after-hours trading on Thursday night: However, it's worth noting that the quarter ended before the vulnerabilities were announced.
During the fourth quarter, Intel posted non-GAAP earnings per share of $1.08 and revenue climbed 4% year-over-year to reach $17.1 billion. Analysts were expecting earnings per share of $0.86 and revenue of about $16.34 billion, according to Reuters.
The chipmaker did take a hit on a $5.4 billion charge related to taxes on offshore earnings.
For the year, Intel posted total net income of $9.6 billion and revenue of $62.8 billion.
— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.