Looks like processors back to 2008 are affected...

...still, maybe its all a hoax to deliberitly slow down all old system, so that we all have to buy new ones?

(Or at least we are all forced to upgrade to the latest OS.)

@Psyco

Well, it is not hoax, it will be used to do slowdown as industry needs it also, but this is real.

In reality such mode in consumer system must be optional.

But it seems that no one will care. As usual capitalist will make hundreds of billions of damage saving few millions for themselves.

Intel statement

https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

We're dealing with two serious threats. The first is isolated to #IntelChips, has been dubbed Meltdown, and affects virtually all Intel microprocessors. The patch, called KAISER, will slow performance speeds of processors by as much as 30 percent.

The second issue is a fundamental flaw in processor design approach, dubbed Spectre, which is more difficult to exploit, but affects virtually ALL PROCESSORS ON THE MARKET (Note here: Intel stock went down today but Spectre affects AMD and ARM too), and has NO FIX.

Spectre will require a complete re-architecture of the way processors are designed and the threats posed will be with us for an entire hardware lifecycle, likely the next decade.

For the past decade, processors were designed to gain every performance advantage. In the process, chipmakers failed to ask basic questions about whether their design was secure.

Meltdown and Spectre show that it is possible for attackers to exploit these design flaws to access the entire memory contents of a machine. The most visceral attack scenario is an attacker who rents 5 minutes of time from an Amazon/Google/Microsoft cloud server and steals data from other customers renting space on that same Amazon/Google/Microsoft cloud server, then marches onto another cloud server to repeat the attack, stealing untold volumes of data (SSL keys, passwords, logins, files etc) in the process.

Intel is not surprisingly trying to downplay the threat of these attacks, but proof-of-concept attacks are already popping up online today, and the timeline for a full rollout of the patch is not clear.

The flaws were originally discovered last June by a researcher at Google Project Zero (shout out @ Jann Horn) and then separately by Paul Kocher and a crew of highly impressive researchers at Rambus and academic institutions. Originally public disclosure was set for next week.

But news of Meltdown started to leak out yesterday, so the disclosure was moved up a week to right now.

Some tests before and after patch

https://www.guru3d.com/articles-pages/windows-vulnerability-cpu-meltdown-patch-benchmarked.html

Man, I'm really burned about this. They should replace my chips. $$$.

I hope this patches will not apply through OS updates, if we wont update Intels them self we still OK in both windows and macs. am I correct?

So the "solution" for now is keep current OS'es for a good performance without any future updates...even macs. Pity as there is no Intel Coffee Lake support in Mac yet. Theoretically when they came performance will be even to my current not patched workstation (even few year old) :)

There was no reason to upgrades since few years due to lack of noticeable improvements and Intel Coffee Lake seems to be worth it but it will be "patched" as well already. Am I correct?

Conclusion. Verygood no point to span many for upgrades for another while :)

Google had to gather hundreds of engineers working across the company to find a way to protect its products. After a few months, they found a solution for Meltdown and the first variant of Spectre (two of the three vulnerabilities), which they then started rolling out way back in September.

So actually information leak was huge long time ago.

Also practice where all but select companies have access to such data is surely illegal.