A major new set of flaws in almost all post-2011 Intel chips that could enable side-channel attacks targeting sensitive information has been discovered.

Reported in January 2018, ZombieLoad is reminiscent of the Spectre and Meltdown flaws because it impacts desktop and laptop machines as well as cloud servers. Like them, it exploits the speculative execution process to enable attackers to steal data from the processor.

Technically known as a “data sampling attack,” it’s far from trivial to launch, but should be addressed promptly by admins as it could potentially let attackers monitor a victim’s browsing in real time, or steal sensitive credentials and data.

“While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs,” the research paper claimed. “These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.”

ZombieLoad (CVE-2018-12130) is the most hazardous flaw, although the researchers also found three others: CVE-2018-12126, CVE-2018-12127 and CVE-2019-11091. Intel calls these Microarchitectural Data Sampling (MDS) flaws.

“All of them have in common that they trigger a faulty read, and extract data used by transiently executed operations via a side-channel,” the research paper added.

Nevertheless, Intel has already addressed MDS issues post-Spectre/Meltdown, so its newer chips (8th and 9th Generation Intel Core processors and 2nd Generation Intel Xeon Scalable processor family) aren’t impacted.

It has also issued microcode updates to address the flaws, although these could reportedly have a 9% performance hit on cloud machines and about 3% on desktops and laptops. Apple, Google, and Microsoft have already released patches to rectify ZombieLoad.
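
To confirm that both the kernel patch and the microcode update actually landed on a machine, the following added example (not from the article or from Intel) classifies the MDS status line that patched Linux kernels expose in sysfs. It assumes a Linux host; the function names and output labels are this example's own, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: interpret the Linux kernel's MDS status line.
# Status strings follow the kernel's hw-vuln/mds admin-guide documentation.
MDS_SYSFS=/sys/devices/system/cpu/vulnerabilities/mds

# classify_mds "<status line>" prints one of:
#   not-affected | mitigated | mitigated-smt-risk | needs-microcode | vulnerable | unknown
classify_mds() {
    status=$1
    case $status in
        "Not affected"*) echo not-affected ;;
        "Mitigation: Clear CPU buffers"*)
            # Buffer clearing is active, but sibling hyperthreads can still
            # observe each other unless SMT is disabled or reported mitigated.
            case $status in
                *"SMT vulnerable"*|*"SMT Host state unknown"*) echo mitigated-smt-risk ;;
                *) echo mitigated ;;
            esac ;;
        "Vulnerable: Clear CPU buffers attempted, no microcode"*)
            # Kernel is patched, CPU is still running pre-fix microcode.
            echo needs-microcode ;;
        "Vulnerable"*) echo vulnerable ;;
        *) echo unknown ;;
    esac
}

# check_host reads the live sysfs entry. Kernels that predate the MDS
# patches do not expose the file at all, which is itself a finding.
check_host() {
    if [ -r "$MDS_SYSFS" ]; then
        classify_mds "$(cat "$MDS_SYSFS")"
    else
        echo no-kernel-support
    fi
}

# Constructed sample lines, so the script is useful off an affected host.
for line in \
    "Not affected" \
    "Mitigation: Clear CPU buffers; SMT vulnerable" \
    "Mitigation: Clear CPU buffers; SMT disabled" \
    "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable" \
    "Vulnerable; SMT vulnerable"
do
    printf '%-72s -> %s\n' "$line" "$(classify_mds "$line")"
done
printf 'this host: %s\n' "$(check_host)"
```

A result of `needs-microcode` means only the operating system patch is in place, and `mitigated-smt-risk` means the buffer-clearing mitigation is active while hyperthreading remains a residual exposure.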
