Earlier this year, Google's (GOOGL 0.75%) (GOOG 0.87%) Project Zero disclosed three security vulnerabilities that affected many modern high-performance processors.
As it turns out, virtually every Intel (INTC 5.41%) processor on the market was vulnerable to the three types of attacks, referred to as Variant 1, Variant 2, and Variant 3. The chip giant has worked with key operating-system vendors to put out software workarounds to guard Intel-based systems from these attacks.
Image source: Intel.
Per a recent post on Intel's website, Intel has now released workarounds for "100% of Intel products in the past five years that require protection against the side-channel method vulnerabilities discovered by Google."
Unfortunately, these updates come at a price: lowered performance in some cases. According to The Tech Report, the performance degradation in standard consumer applications isn't much. However, it's believed that some data center applications could see more pronounced performance degradation.
The good news, though, is that on March 15, Intel announced that it plans to release hardware in the second half of 2018 that includes hardware fixes for two of the three types of attacks (the third will need to continue to be mitigated in software).
Here are some additional details from Intel:
While Variant 1 will continue to be addressed via software mitigations, we are making changes to our hardware design to further address the other two. We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3. Think of this partitioning as additional "protective walls" between applications and user privilege levels to create an obstacle for bad actors.
Let's go over what this means for Intel.
Minimizing the damage
There was some concern that Intel would be susceptible to a loss of market segment share, particularly in the data center processor market, as a direct result of these flaws being discovered. The thinking was that since some competing processors weren't as susceptible to all three vulnerabilities as Intel's processors were, some of Intel's major customers would start shifting processor orders to those competing processors.
Since Intel appears to be set to launch processors with hardware fixes for the Variant 2 and Variant 3 attacks in the second half of 2018, the window of opportunity for competitors to capitalize on Intel's vulnerability to these attacks is small -- and closing.
Turning lemons into lemonade?
What I think will be particularly interesting to see is whether this entire fiasco winds up being a net positive for Intel. Since older Intel processors are likely to suffer from some degree of performance degradation as a result of the workarounds, major data center operators could be more inclined to upgrade to the company's improved processors later this year.
Not only would those customers get the typical performance jump that they'd expect from a new product generation, but that performance improvement would also be amplified because the new chips wouldn't suffer the performance loss from the workarounds that the older processors do.
On top of that, Intel tends to sell a few generations of processors concurrently. For example, Intel currently sells its latest Xeon Scalable processors, but it also offers its prior generation Xeon E5/E7 v4 chips. When Intel releases the fixed processors later this year, customers that previously might have purchased prior-generation chips to save money might instead buy the latest-generation parts to get the hardware fixes for Variant 2 and Variant 3.
Newer processor generations tend to sell for more than older processor generations do, so Intel could actually see a boost in average selling prices for its data center processors in its coming product cycle as a result.
