ZombieLoad attack – What you need to know

A new set of vulnerabilities was recently discovered within modern Intel processors which allowed hackers to access potentially sensitive data.

The exploit which takes advantage of these vulnerabilities is named ZombieLoad, and it allows hackers to use a side-channel attack to compromise the security of modern Intel processors.

The team which discovered the attack said it allows stealing sensitive data and keys while the computer accesses them, potentially compromising information such as passwords, private browsing history, and more.

The team has released an academic paper that provides more details on how ZombieLoad works, as well as a GitHub repository that allows users to test the exploit themselves.

Below is a summary of the ZombieLoad attack’s threat to average consumers as well as official instructions for mitigation.

Vulnerability explained

You are affected by this vulnerability if you have an Intel processor which was released any time from 2011 until now, as the problem lies within the processor design itself and is not a standard software bug.

Intel refers to the set of vulnerabilities as Microarchitectural Data Sampling (MDS), stating that it may allow programs to access confidential information and perform specific attacks.

The flaw functions similarly to the Spectre and Meltdown vulnerabilities, which required a series of updates for multiple Intel processor models to fix.

“MDS techniques are based on a sampling of data leaked from small structures within the CPU using a locally executed speculative execution side channel,” Intel said.

“Practical exploitation of MDS is a very complex undertaking. MDS does not, by itself, provide an attacker with a way to choose the data that is leaked.”

This means that while the vulnerabilities could be seriously comprising under the right conditions, it is extremely difficult to aim this attack at stealing specific data from a victim.

According to Daniel Gruss – one of the researchers who discovered the flaws – ZombieLoad is unlikely to be an issue for the average user.

Intel said MDS vulnerabilities have been classified as low to medium severity according to industry standards, and there are no currently reports of any real world exploits of these vulnerabilities.

Fixes and performance

Intel has released microcode updates to mitigate these security flaws and lower the exposure of affected processors to potential ZombieLoad attacks.

These fixes solve the problem, although like the microcode updates for Spectre and Meltdown, they do come with a performance hit.

Intel states that consumer PCs could suffer a performance drop of up to 3% as a result of the patch. This figure increases to a maximum of 9% in data centres.

If this performance hit is too much for you and you would rather brave the small risk of the vulnerability being exploited, you will not seriously endanger your machine if you do not patch immediately.

Apple released its own statement regarding the MDS vulnerabilities, urging Mac users to disable hyper-threading on their Intel CPUs to ensure full mitigation.

Disabling this functionality delivers a far more serious performance hit of up to 40% reduced processor power during certain applications.

This solution seems excessive however, as Intel has already stated that disabling hyper-threading is not necessary to defend against any potential ZombieLoad attack.

Now read: Vodacom provides new cybersecurity solution to users

Latest news

Partner Content

Show comments

Recommended

Share this article
ZombieLoad attack – What you need to know