Intel is taking security bug fixes seriously, but is that enough?

Recently, a number of high-profile security flaws were detected in Intel processors dating back years ago that had a serious impact on the chip maker’s reputation and in a new security report the company claims to have doubled in the solve those problems and ensure that nothing like this happens again.

According to the report, in 2019, Intel’s security team discovered 144 of the 236 (61%) vulnerabilities and common exposures (CVEs) that affected its products, while 92 were found by external researchers, including 70 found thanks to Intel’s Bug Bounty program, which offers financial rewards to people for finding bugs.

The report also states that 91% of the bugs were found thanks to Intel’s investment in the product warranty (both internally and through the Bug Bounty program), which seems to suggest that the company has been true to its word in investing. money and resources in the discovery and correction of security bugs.

Design changes

While Intel’s biggest investment in fixing its security bugs is very welcome, so far we haven’t seen any major changes in the company’s chip design.

Some of the most serious security flaws, like Specter, it could only be permanently resolved by a processor redesign, radically changing the way Intel builds its processors, and so far it doesn’t seem to have occurred.

It’s understandable why Intel didn’t do it – it would be a time and money-consuming process – but if the company is serious about fixing its security flaws, it may be necessary to do it, and sooner rather than later.

Through Tom’s hardware

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.