Monday, 20 May, 2019

Intel processors hit with another serious security flaw impacting millions of PCs

Researchers have uncovered a new flaw in Intel chips More Researchers have uncovered a new flaw in Intel chips More
Cecil Davis | 18 May, 2019, 04:59

The security flaw was the most recent revelation of Intel chip bugs since two notorious hardware viruses involving Intel processors, nicknamed Spectre and Meltdown, caused panic among computer users a year ago.

The ZombieLoad research follows January 2018 warnings over Spectre and Meltdown.

Technically known as a "data sampling attack", it's far from trivial to launch, but should be addressed immediately by admins as it could theoretically allow attackers to monitor a victim's browsing in real-time, or steal sensitive credentials and data.

The exploit could as easily read secure tokens or other passwords.

Madonna's Eurovision Song Contest 2019 performance in doubt
Israel won the annual contest past year with 529 points after Netta wowed the participating countries with the song Toy . Hamas , a Palestinian group that controls the Gaza Strip, had no immediate comment.

ZombieLoad (CVE-2018-12130) is the most unsafe vulnerability, although the researchers also found three others: CVE-2018-12126, CVE-2018-12127 and CVE-2019-11091. Researchers have named a Microarchitectural Data Sampling (MDS) attack and targets a CPU's microarchitectural data structures, such as the load, store, and line fill buffers, which the CPU uses for fast reads/writes of data being processed inside the CPU. While some of the vulnerabilities exploited by Spectre and Meltdown affected processors from AMD and Arm, the majority targeted flaws in Intel's processors - and were followed by mitigation patches which sapped performance and outright crashed systems. Amazon Web Services said that all of its EC2 computing services have been updated with the mitigations recommended by Intel, and Microsoft released patches for Windows Server customers while assuring Azure customers that the systems running their workloads had been updated. Intel, Apple, Google and Microsoft have already issued patches to fix the flaws.

The discovery of new CPU flaw isn't surprising, given that researchers have continued to pummel modern processors looking for more vulnerabilities (see: Expect More Cybersecurity "Meltdowns").

The researchers who discovered the vulnerabilities published this proof-of-concept demonstration showing how an unprivileged attacker - who has the ability to execute code on a system - can reconstruct URLs being visited in Firefox. They called the vulnerabilities 'Zombieload'. By exploiting the feature, attackers can snatch data directly from the processor. "Malicious actors may need to collect significant amounts of data and analyze it to locate any protected data", it says. It said that Android users are not impacted.

Although no attacks exploiting the ZombieLoad bugs have been publicly reported, the researchers could not rule them out, because they say an attack would not necessarily leave a trace.