Recently, it’s come out that there is a flaw in Intel chips that has left millions of computers vulnerable. This flaw allows attackers to steal any data that the Intel processor has recently accessed.
The attack, dubbed ZombieLoad, was discovered by Graz University of Technology. Intel has confirmed the finding, and the flaw affects every chip they’ve manufactured since 2011. The flaw is named for the “zombie load” data that a processor can’t understand or process properly, forcing it to ask for help from the processor’s microcode to avoid a crash.
The ZombieLoad flaw is just the latest in a string of security flaws that take advantage of modern processors. Spectre and Meltdown were discovered in early 2018, and later that year the Speculative Store Bypass vulnerability was discovered. However, Intel claims that the latest two generations of their Core processors are protected from this kind of attack at the hardware level, specifically the eighth- and ninth-generation Intel Core processors and the second-generation Intel Xeon Scalable processors.
The ZombieLoad Vulnerability
The ZombieLoad flaw, as well as Spectre and Meltdown, are vulnerabilities collectively referred to as Microarchitectural Data Sampling (MDS). MDS gives a program the ability to read data that it otherwise should not be able to access. It works by targeting microarchitectural structures in the CPU and filling buffers in order to read and access the CPU data.
This vulnerability also affects data centers, cloud environments and virtual machines. For example, in a data center, a virtual machine could collect data from another virtual machine running on the same server. In the cloud, if one user’s virtual machine is infected, it may be used to collect data from other users.
According to Intel, the exploitation of MDS is a complex undertaking and does not, by itself, let the attacker choose the data being leaked. Intel has said that keeping systems up to date is essential for protection from ZombieLoad and other similar processor flaws.
How to Protect Yourself
Luckily, Apple, Amazon, Google, Microsoft and Mozilla have all released patches to counter the ZombieLoad vulnerability. Intel has also provided guidance on protecting yourself against ZombieLoad and other MDS attacks.
In order to make sure that you’re doing all you can to protect your computers from this processor flaw, install all recent patches. In data centers, check asset management databases to determine vulnerable assets and install any microcode and hypervisor patches.
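One way to confirm that the patches actually took effect on Linux hosts, as an added example that is not from the original article or from Intel: kernels that carry the MDS fixes report their mitigation state in /sys/devices/system/cpu/vulnerabilities/mds, and the script below classifies those status lines across an inventory. It assumes Linux hosts; the hostnames and the sample inventory are constructed for illustration.

```python
from pathlib import Path

# Linux kernels carrying the MDS patches report mitigation state in this file.
MDS_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/mds")

def read_local_status(path=MDS_SYSFS):
    """Return the kernel's MDS status line, or None if the file is absent."""
    try:
        return path.read_text().strip()
    except OSError:
        return None

def classify_mds(status):
    """Map a status line to (verdict, next step for the patching team)."""
    if status is None:
        return ("unknown", "kernel has no MDS reporting: install OS updates")
    s = status.strip()
    if s == "Not affected":
        return ("ok", "none")
    if s.startswith("Vulnerable"):
        if "no microcode" in s:
            return ("at-risk", "install the CPU microcode update")
        return ("at-risk", "mitigation is switched off in the kernel")
    if s.startswith("Mitigation"):
        if "SMT vulnerable" in s:
            return ("partial", "patched, but Hyper-Threading is still exposed")
        if "SMT Host state unknown" in s:
            return ("partial", "guest patched: confirm the hypervisor patch")
        return ("ok", "none")
    return ("unknown", "unrecognised status: review manually")

def audit(fleet):
    """fleet maps hostname -> collected status line (or None)."""
    return {host: classify_mds(status) for host, status in fleet.items()}

# Constructed sample inventory (hypothetical hostnames, not from the article).
SAMPLE_FLEET = {
    "db01": "Mitigation: Clear CPU buffers; SMT disabled",
    "web02": "Mitigation: Clear CPU buffers; SMT vulnerable",
    "vm-guest03": "Mitigation: Clear CPU buffers; SMT Host state unknown",
    "legacy04": "Vulnerable: Clear CPU buffers attempted, no microcode",
    "old05": None,
}

if __name__ == "__main__":
    for host, (verdict, step) in audit(SAMPLE_FLEET).items():
        print(f"{host:12} {verdict:8} {step}")
    print("this host:", classify_mds(read_local_status()))
```

The "partial" verdicts are the ones an OS patch alone does not close: they point at the hypervisor patch and at the Hyper-Threading setting on the physical host.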
Until you’ve updated all your Intel-based devices and their operating systems, you’re at risk, so we recommend applying all patches and OS upgrades right away. If you’re looking for a solution to help you manage patches and apply them quickly, there are options available. Consider using patch management software such as ManageEngine, Baramundi or Shavlik to manage your patching needs.
One thing you should know is that these patches and upgrades may impact performance. How much of a slowdown you will experience depends on the machine, OS and your configuration. Intel has estimated up to a 3% impact on consumer devices and up to 9% on data center equipment.
How Next-Gen Security Can Help
Newly discovered vulnerabilities like ZombieLoad and other MDS flaws are further indicators of why security needs to up its game. That’s why we highly recommend looking for a next-generation security solution. Next-Gen security uses tools that rely on the logic of artificial intelligence, machine learning, and deep learning to protect against malware, DDoS attacks and MDS attacks.
If you want to learn more about how Next-Gen security can help prevent vulnerabilities like ZombieLoad from stealing your data, check out our ebook, The Realities vs. The Hype of Next-Gen Security.