Get the latest market trends in your inbox

Stay on top of the latest market trends and economic insights with the Axios Markets newsletter. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Intel, the leader in microprocessor market, presents developer tools at Droidcon convention in Turin in 2015. Photo by Mauro Ujetto/NurPhoto via Getty Images.

The entire tech industry is scrambling to create software patches that close a massive security hole due to a decade-long flaw in how nearly all modern chips are designed.

The vulnerabilities, first reported to affect Intel chips, also affect to varying degrees processors made by rival AMD as well as the ARM processors used in cell phones and other devices.

Why it matters: This is the broadest security vulnerability to date, affecting nearly all computers, servers and other devices, including smartphones. For now, most fixes involve updates to the operating systems and cloud services developed by Apple, Amazon, Microsoft, Google and others.

Dig Deeper: A good explainer on the vulnerabilities and who is affected is offered here.

Here's what the major companies have said so far.

Intel:

"Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

"Recent reports that these exploits are caused by a "bug" or a "flaw" and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors' processors and operating systems — are susceptible to these exploits."

Click here for the rest of Intel's statement

Update: On a conference call, Intel said it doesn't expect a significant financial impact from the issue.

Microsoft:

Microsoft is updating Windows 10 today with a special fix for the issue and also making available updates for Windows 7 and Windows 8.

"We're aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers."

Google:

Researchers from Google's Project Zero found the vulnerabilities last year and reported them to Intel, AMD and ARM in June 2017. In a blog post, Google disclosed what product actions it is taking with regards to Android, Chrome OS and the Google Cloud. It said other products, such as Chromecast and Google Home aren't affected.

Amazon:

"This is a vulnerability that has existed for more than 20 years in modern processor architectures like Intel, AMD, and ARM across servers, desktops, and mobile devices. All but a small single-digit percentage of instances across the Amazon EC2 fleet are already protected. The remaining ones will be completed in the next several hours. We will keep customers apprised of additional information with updates to our security bulletin, which can be found here."

AMD:

"To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time. We expect the security research to be published later today and will provide further updates at that time."

ARM:

"Arm (has) been working together with Intel and AMD to address a side-channel analysis method which exploits speculative execution techniques used in certain high-end processors, including some of our Cortex-A processors. This method requires malware running locally and could result in data being accessed from privileged memory. Please note that our Cortex-M processors, which are pervasive in low-power, connected IoT devices, are not impacted.

"We are encouraging our silicon partners to implement the software mitigations developed if their chips are impacted."

Apple has not yet responded to requests for comment.

Go deeper

Ben Geman, author of Generate
11 mins ago - Politics & Policy

The top candidates Biden is considering for key energy and climate roles

Photo: Alex Wong/Getty Images

Senate Minority Leader Chuck Schumer (D-N.Y.) has urged President-elect Joe Biden to nominate Mary Nichols, chair of California's air pollution regulator, to lead the Environmental Protection Agency, Bloomberg reports.

Why it matters: The reported push by Schumer could boost Nichol's chances of leading an agency that will play a pivotal role in Biden's vow to enact aggressive new climate policies — especially because the plan is likely to rest heavily on executive actions.

U.S. economy adds 245,000 jobs in November as recovery slows

Data: BLS; Chart: Axios Visuals

The U.S. economy added 245,000 jobs in November, while the unemployment rate fell to 6.7% from 6.9%, the government said on Friday.

Why it matters: The labor market continues to recover even as coronavirus cases surge— though it's still millions of jobs short of the pre-pandemic level. The problem is that the rate of recovery is slowing significantly.

2 hours ago - Health

Fauci says he accepted Biden's offer to be chief medical adviser "on the spot"

The government's top infectious-disease expert Anthony Fauci said Friday that he "absolutely" will accept the offer from President-elect Joe Biden to serve as his chief medical adviser, telling NBC's "Today" that he said yes "right on the spot."

Why it matters: President Trump had a contentious relationship with Fauci, who has been forced during the pandemic to correct many of the president's false claims about the coronavirus. Biden, meanwhile, has emphasized the importance of "listening to the scientists" throughout his campaign and transition.