In a closed-door meeting at a Manhattan mansion, executives outlined changes to controversial software that was implicated in two crashes.Aerospace & Defenseread more
Current and former Tesla employees working in the company's open-air "tent" factory say they felt pressure to take shortcuts to hit aggressive Model 3 production goals,...Technologyread more
Amazon workers in Minnesota and Germany are striking as Prime Day kicks off, in a stand against working conditions and wage practices. The action in Minnesota represents the...Retailread more
Treasury Secretary Steven Mnuchin is raising red flags ahead of Facebook's proposed cryptocurrency launch.Marketsread more
Epstein is accused of sexually exploiting dozens of underage girls from 2002 through 2005 at his New York and Florida residences. He is a former friend of Presidents Donald...Politicsread more
When you think of Prime Day, you might be thinking about deals on Instant Pots and Amazon Echo devices — not half-off dresses and designer heels. But the market for apparel...Retailread more
David Marcus, the head of Facebook's digital currency project, said the company expects Libra will drive more advertising revenue for the company.Technologyread more
Some White House officials expect the Cabinet secretary, who has known the president for years, to depart as soon as this summer.Politicsread more
"The important thing is that you shouldn't try to hit homeruns this week, because you're much more likely to end up striking out," Jim Cramer says.Mad Money with Jim Cramerread more
Reps. Ilhan Omar, Ayanna Pressley, Alexandria Ocasio-Cortez and Rashida Tlaib said Trump challenged them personally because he was not able to defeat them on the policy level.Politicsread more
A financial disclosure made by lawyers for Jeffrey Epstein, a former friend of presidents Donald Trump and Bill Clinton, reveals he has nearly $560 million in assets.Politicsread more
Microsoft, Amazon, and Google said they are working on updates to cloud services and other products to prevent exploitation of chip-level security vulnerabilities.
The vulnerabilities, which were publicly disclosed by the Register on Tuesday, could allow a hacker to steal information stored in the memory of a wide range of computer chips running on personal devices, like computers, as well as servers in data centers, including those used to run cloud computing services. It could allow a hacker to steal information stored in the memory of the chip itself, including things such as passwords and cached files. It could also pave the way for attackers to weaken other security features.
One of the vulnerabilities, dubbed Meltdown, is known to affect Intel chips. Another, Spectre, could affect chips from many vendors. Indeed, Arm said that some processors based on its technology are affected.
"We're aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers," a Microsoft spokesperson told CNBC in an email. "We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, Arm, and AMD."
In addition to patching its cloud services and current and older versions of Windows for servers and desktops, Microsoft has updated its Edge and Internet Explorer browsers. Updates for Microsoft Surface devices are coming as well.
Subsequently Google released some details about the issues but said a full report is still to come. A new site discussing the Meltdown and Spectre vulnerabilities credits Google's Jann Horn and third-party researchers with discovering them.
Google said it has updated its public cloud service to prevent attacks related to Meltdown and Spectre. "We used our VM Live Migration technology to perform the updates with no user impact, no forced maintenance windows and no required restarts," Google engineering vice president Ben Treynor Sloss wrote in a blog post. But customers will still need to update the operating systems they use on the Google cloud.
Google has also been busy checking on consumer services. Exploitation is "difficult and limited" for most Android devices, and the latest version of Chrome OS is patched, Google said.
Amazon told customers of its Amazon Web Services cloud service that the vulnerability "has existed for more than 20 years in modern processor architectures like Intel, AMD, and ARM across servers, desktops, and mobile devices." It said that it's already protected nearly all AWS instances, although customers will still have to patch the operating systems they use.
In the CNBC interview Krzanich said he was not aware of exploits of the issue, and Microsoft has not gotten any indication that the vulnerabilities "had been used to attack our customers," the spokesperson said.
Aside from security concerns, the Register and some individuals suggested that patches to operating systems could result in performance slowdowns. But in a statement on Wednesday, Intel said that "any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time."
Microsoft told customers of its Azure public cloud in a blog post that they "should not see a noticeable performance impact."
VMware has come out with patches for its desktop and server virtualization software.
Linux distribution vendor Red Hat is working on making product updates available to customers. "Red Hat is taking a proactive position that favors security over performance, while allowing users the flexibility to assess their own environment and make appropriate tradeoffs through selectively enabling and disabling the various mitigations," the company said on a website devoted to the vulnerabilities.
Some Red Hat patches are live, and more will be coming in the next few days, a spokesperson told CNBC in an email.