Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Rebecca Zisser / Axios

A soon-to-be-disclosed and massive chip flaw affects more than just Intel chips, according to both sources familiar with the issue and Intel itself.

The issue, which has to do with how modern chips speculatively execute code, leaves a wide range of processors vulnerable to attack. For now the solution appears to be rewriting devices' operating systems, meaning lots of work for Microsoft, Google, Apple and others. (Update: More info on the vulnerabilities can be found here.)

Why it matters: An already big problem is actually even bigger than previously thought. Already believed to impact nearly all computers, servers and cloud operating systems, it could impact cell phones and other devices as well. However, Intel says that contrary to early reports, the performance impact shouldn't be major for most users.

What's next: At 2 p.m. Intel is holding a conference call and the researchers involved are expected to offer more details on the three specific vulnerabilities. The various tech giants are also expected to detail their plans for software updates.

In its statement, Intel also said

  • It had planned to discuss the flaw next week, when more patches were available.
  • Exploits could get access to sensitive data, but don't believe they should be able to "corrupt modify or delete data"
  • It is working with others in the industry, including rivals AMD and ARM on how to address the issue

ARM, whose chip designs are widely used in cell phones and other devices, confirmed some of its chip architectures are affected, including some of its Cortex-A processors. "This method requires malware running locally and could result in data being accessed from privileged memory," ARM said in a statement to Axios. "Our Cortex-M processors, which are pervasive in low-power, connected IoT devices, are not impacted."

AMD says its chips are vulnerable, but it believes to a lesser degree than those from Intel.

"To be clear, the security research team identified three variants targeting speculative execution," AMD said in a statement to Axios. "The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time. We expect the security research to be published later today and will provide further updates at that time."

Microsoft, Google and Apple declined comment. An Amazon representative was not immediately available to comment.

Here is Intel's full statement:

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.
Recent reports that these exploits are caused by a "bug" or a "flaw" and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors' processors and operating systems — are susceptible to these exploits.
Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.
Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.
Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.
Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

Go deeper

Biden will reverse Trump's attempt to lift COVID related travel restrictions

Photo: Tasos Katopodis via Getty

The incoming Biden administration will reverse President Trump's last-minute order to lift COVID-19 related travel restrictions, Jen Psaki, the incoming White House press secretary, tweeted.

Why it matters: President Trump ordered entry bans lifted for travelers from the U.K., Ireland, Brazil and much of Europe to go into effect Jan. 26, but the Biden administration will "strengthen public health measures around international travel in order to further mitigate the spread of COVID-19," Jen Psaki said. Biden will be inaugurated on Wednesday, Jan. 20 and Trump will no longer be president by the time the order is set to go into effect.

Dominion sends cease and desist letter to My Pillow CEO Mike Lindell

Photo: Stephen Maturen/Getty Images

Dominion Voting Systems on Monday sent a cease and desist letter to My Pillow CEO Mike Lindell over his spread of misinformation related to the 2020 election.

Why it matters: Trump and several of his allies have pushed false conspiracy theories about the company, leading Dominion to take legal action. It's suing pro-Trump lawyer Sidney Powell for defamation and $1.3 billion in damages, and a Dominion employee has sued Trump himself, OANN and Newsmax.

Off the Rails

Episode 5: The secret CIA plan

Photo illustration: Aïda Amer, Sarah Grillo/Axios. Photo: Zach Gibson/Getty Images

Beginning on election night 2020 and continuing through his final days in office, Donald Trump unraveled and dragged America with him, to the point that his followers sacked the U.S. Capitol with two weeks left in his term. This Axios series takes you inside the collapse of a president.

Episode 5: Trump vs. Gina — The president becomes increasingly rash and devises a plan to tamper with the nation's intelligence command.

In his final weeks in office, after losing the election to Joe Biden, President Donald Trump embarked on a vengeful exit strategy that included a hasty and ill-thought-out plan to jam up CIA Director Gina Haspel by firing her top deputy and replacing him with a protege of Republican Congressman Devin Nunes.