ZombieLoad, the flaw that shakes Intel processors

Intel processors are victims of a significant attack that affects all devices, Windows, MacOS or even Linux and Chrome OS. The US founder must publish a security patch that will only work if the user also updates its operating system.

After last year’s Meltdown and Specter vulnerabilities, Intel processors are once again affected not by one, but four vulnerabilities.

Three of them bear the names of ZombieLoad, RIDL, and Fallout, and change all processors manufacturer since 2008. The researchers called these faults collectively  Microarchitectural Data Sampling (MDS) or microarchitectural sampling data.

These different attacks use the buffer associated with each processor core. If the memory is not purged, a process can access data from the previous method. A simple update would remedy this flaw.

The problem is aggravated by the hyperthreading system of Intel processors, this technology that optimizes performance by using two instruction threads simultaneously on a chip core. Both processes operate in parallel and use the same buffer, which complicates the deal.

Hyperthreading, Intel’s selling point, pointed out

Intel minimizes the risk of these vulnerabilities, but research has shown that it is possible to monitor activity on a computer and steal passwords, as evidenced by a video demonstration. This indicates that it is possible to track the visited sites while the user uses the Tor network inside a virtual machine.

All devices using an Intel processor are impacted, which includes Windows, MacOS, Linux, Chrome OS, and even some Android devices. This also applies to cloud servers and can, therefore, have repercussions on data centers (data center ) as well as a good part of the servers forming theInternet.

The only solution will be a CPU firmware fix associated with an operating system update. These fixes could reduce performance by up to 40 percent, according to Apple, which has already released an update for its MacOS system.

The company says that the only way to completely guard against attacks is to disable hyperthreading, but a simple update should be enough for most users. For computers dealing with sensitive data, Apple has released a procedure to disable hyperthreading.

Microsoft and Ubuntu have already released updates as well, and Google has disabled hyperthreading on Chrome OS 74 and will provide additional protections in version 75.

AMD processors not affected

Intel, however, indicated that disabling hyperthreading was not recommended and would not be enough to protect the computer from these new vulnerabilities. The manufacturer is currently deploying a firmware update for these processors with its partners.

 It specifies that these vulnerabilities have already been resolved in the hardware in some Intel Core 8 the and nine generations and the second generation of Xeon processors Scalable. In an article published on its site, the firm is reassuring, indicating a decline in the performance of only 3 to 9% on consumer computers.

ARM and AMD processors would not be affected. For its part, AMD has issued an update on its security page stating that its processors use hardware verification to prevent such attacks. It explicitly states that they are not vulnerable to Fallout or RIDL attacks, but does not mention Zombieland.