ZombieLoad exploit lets hackers steal data from Intel CPUs

New vulnerabilities in Intel chips allow malicious parties to access your sensitive information.

The exploit, known as ZombieLoad, allows hackers to use a side-channel attack to exploit flaws in the design of Intel processors.

“While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs,” said the team who discovered the issue.

“These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.”

The team has released an academic paper that provides more details on how ZombieLoad works, as well as a GitHub repository that allows users to test the exploit themselves.

According to Daniel Gruss – one of the researchers who discovered the flaws – ZombieLoad is difficult to execute, meaning that it is unlikely to be an issue for the average user.

Intel has released microcode update to fix the exploit on vulnerable processors. However, the company told TechCrunch that consumer PCs could suffer a performance drop of up to 3% as a result of the patch. This figure increases to a maximum of 9% in datacentres.

Now read: WhatsApp hack aided by spyware

Latest news

Partner Content

Show comments

Recommended

Share this article
ZombieLoad exploit lets hackers steal data from Intel CPUs