SingCert warns Singaporeans of 'critical vulnerabilities' in Intel processors

krack bug
A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017 Kacper Pempel/Illustration/Reuters

Computers running on Intel processors have been found out exposed to cybercrime activities after critical vulnerabilities dubbed Meltdown and Spectre were discovered. The Singapore Computer Emergency Response Team (SingCERT) on Thursday warned device users in the city-state of inherent data breaches.

Meltdown and Spectre have affected computers, smartphones, tablets and cloud services around the world, giving cyber attackers behind it the ability "to steal any data processed by the computer" according to SingCERT.

Also read: Ransomware attacks could take over cyber space in 2018, say experts

"Meltdown allows attackers to bypass the security boundaries between user applications and the operating system, which enables them to access information from the operating system memory, including sensitive data from other programmes," states the SingCERT advisory.

Meltdown has so far infected Intel processors, but the agency notes that Spectre has already penetrated Intel, AMD and ARM processors. They have bigger chances at spilling a computer's data, including passwords.

While Intel and Microsoft have already pushed out firmware updates over the air, SingCERT is urging all device owners to manually check for updates since they come in stages so some may not have received it yet.

Intel issued an official statement on Wednesday, admitting that they are aware of the "new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices". It added that "these exploits do not have the potential to corrupt, modify or delete data".

The technology company stressed that the bugs can also be found on non-Intel processors, so they have worked with AMD, ARM and other operating system vendors to "develop an industry-wide approach to resolve this issue promptly and constructively".

Intel and other companies involved have scheduled a formal announcement regarding the issue in the week to come.

This article was first published on January 5, 2018
READ MORE