The massive market transformation this month that some on Wall Street called a "once in a decade opportunity" might have just been a one-off technical move because of taxes.Marketsread more
The Pentagon will deploy U.S. forces to the Middle East on the heels of the attack on Saudi Arabian oil facilities, United States Secretary of Defense Mark Esper announced...Defenseread more
CNBC did a deep dive through the most recent Wall Street research to find stocks that analysts say are underappreciated.Marketsread more
Shares of MasterCard are up 46% this year, and 1120% since 2011, getting a boost from the strong U.S. consumer.Investingread more
CNBC sat in on an "empathy training" at Amazon PillPack's Somerville offices, which is part of new hire orientation.Technologyread more
Trade with China is the 'big unknown' for the Federal Reserve as it decides how best to support the U.S. economy, says Council on Foreign Relations Director of International...Futures Nowread more
Lobbying experts said the visit is likely an attempt to be in lawmakers' ears as they consider legislation that would impact Facebook.Technologyread more
Yardeni Research's Edward Yardeni believes the U.S. economy is picking up steam.Trading Nationread more
Iran's audacious drone and cruise missile attack on Saudi Arabia's oil producing facilities has provided a critical test yet for the Trump administration's foreign policy. A...Politicsread more
Chinese trade negotiators suddenly canceled a visit to meet U.S. farmers after they wrapped up trade talks in Washington this week.Marketsread more
Microsoft, Amazon, and Google said they are working on updates to cloud services and other products to prevent exploitation of chip-level security vulnerabilities.
The vulnerabilities, which were publicly disclosed by the Register on Tuesday, could allow a hacker to steal information stored in the memory of a wide range of computer chips running on personal devices, like computers, as well as servers in data centers, including those used to run cloud computing services. It could allow a hacker to steal information stored in the memory of the chip itself, including things such as passwords and cached files. It could also pave the way for attackers to weaken other security features.
One of the vulnerabilities, dubbed Meltdown, is known to affect Intel chips. Another, Spectre, could affect chips from many vendors. Indeed, Arm said that some processors based on its technology are affected.
"We're aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers," a Microsoft spokesperson told CNBC in an email. "We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, Arm, and AMD."
In addition to patching its cloud services and current and older versions of Windows for servers and desktops, Microsoft has updated its Edge and Internet Explorer browsers. Updates for Microsoft Surface devices are coming as well.
Subsequently Google released some details about the issues but said a full report is still to come. A new site discussing the Meltdown and Spectre vulnerabilities credits Google's Jann Horn and third-party researchers with discovering them.
Google said it has updated its public cloud service to prevent attacks related to Meltdown and Spectre. "We used our VM Live Migration technology to perform the updates with no user impact, no forced maintenance windows and no required restarts," Google engineering vice president Ben Treynor Sloss wrote in a blog post. But customers will still need to update the operating systems they use on the Google cloud.
Google has also been busy checking on consumer services. Exploitation is "difficult and limited" for most Android devices, and the latest version of Chrome OS is patched, Google said.
Amazon told customers of its Amazon Web Services cloud service that the vulnerability "has existed for more than 20 years in modern processor architectures like Intel, AMD, and ARM across servers, desktops, and mobile devices." It said that it's already protected nearly all AWS instances, although customers will still have to patch the operating systems they use.
In the CNBC interview Krzanich said he was not aware of exploits of the issue, and Microsoft has not gotten any indication that the vulnerabilities "had been used to attack our customers," the spokesperson said.
Aside from security concerns, the Register and some individuals suggested that patches to operating systems could result in performance slowdowns. But in a statement on Wednesday, Intel said that "any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time."
Microsoft told customers of its Azure public cloud in a blog post that they "should not see a noticeable performance impact."
VMware has come out with patches for its desktop and server virtualization software.
Linux distribution vendor Red Hat is working on making product updates available to customers. "Red Hat is taking a proactive position that favors security over performance, while allowing users the flexibility to assess their own environment and make appropriate tradeoffs through selectively enabling and disabling the various mitigations," the company said on a website devoted to the vulnerabilities.
Some Red Hat patches are live, and more will be coming in the next few days, a spokesperson told CNBC in an email.