As outlined by TechCrunch, "ZombieLoad," as it's being called, consists of four bugs that can allow hackers to exploit the design flaws in the chips to steal sensitive information directly from the processor.
These vulnerabilities are as serious as the Meltdown and Spectre vulnerabilities that were discovered in early 2018 and take advantage of the same speculative execution process, which is designed to speed up data processing and performance.
A white paper shared by notable security researchers (including some who worked on Spectre and Meltdown) offers details on how ZombieLoad functions. [PDF]
While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.ZombieLoad impacts almost every Intel computer dating back to 2011, but AMD and ARM chips are not affected. A demonstration of ZombieLoad was shared on YouTube, displaying how it works to see what you're doing on your computer. While spying on web browsing is demoed, it can also be used for other purposes like stealing passwords.
The attack does not only work on personal computers but can also be exploited in the cloud.
There have been no reports of hackers taking advantage of the ZombieLoad vulnerabilities at this time, and Intel has released microcode for vulnerable processors. Apple is expected to release a patch for ZombieLoad "in the coming hours," with Google and Microsoft also planning patches.
According to Intel, its microcode updates will have an impact on processor performance, but it's not clear if that's also true for Apple devices, which did not see significant slowdowns for the Meltdown and Spectre patches.
An Intel spokesperson told TechCrunch that most patched consumer devices could take a 3 percent performance hit at worst, and as much as 9 percent in a datacenter environment. But, the spokesperson said, it was unlikely to be noticeable in most scenarios.One of the researchers who discovered ZombieLoad, Daniel Gruss, told TechCrunch that ZombieLoad is easier to exploit than Spectre, but more difficult than Meltdown, and that it requires a specific set of skills, which means the average person doesn't need to worry.
This article, "New 'ZombieLoad' Vulnerability Affects Intel Chips Dating Back to 2011, Apple to Release Patch" first appeared on MacRumors.com
Discuss this article in our forums