Processors nom nom nom!

Once again, Intel is infected by ZombieLoad, which is threatening security risks and other potential problems. They have released a third Zombieload patch update in a bid to contain it. As a result, Intel has come under tremendous heat for this recurring nightmare. But maybe they are one step closer to the antidote.


What the ghoul is Zombieload? 

The ZombieLoad attack allows sensitive data and keys to be stolen while the computer accesses them.

Under normal circumstances, programs only see their own data. However, flaws or malicious programs like ZombieLoad exploit internal CPU buffers.

This exploit allows ZombieLoad to access secrets run by other running programs such as user-level secrets (browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys).


Zombieload ‘infects’ Intel – for the third time!

First detected in May 2019, the recent ‘attack’ is the third one on Intel.

Intel has been releasing patches, two last year between May and November before the recent one to try and fix the issue.

The latest patch apparently will address two more microarchitectural data sampling (MDS) or Zombieload flaws. However, it may present some limitations.

Zombieload Patch Update (MOBHouse Productions)
(Image source: https://www.techradar.com/news/after-zombieload-intel-is-running-out-of-friends-can-project-athena-save-it)

According to Igor Bonifacic of Engagdet, “one of the vulnerabilities, L1DES, doesn’t work on Intel’s more recent chips. Moreover, a hacker can’t execute the attack using a web browser. Intel also says it’s “not aware” of anyone taking advantage of the flaws outside of the lab.”


Criticism on Intel’s counterattack

“We spent months trying to convince Intel that leaks from L1D evictions were possible and needed to be addressed,” said the team that discovered the flaw, via their website.

They further added, “We question the effectivenessof yearlong disclosure processes and also raise concerns on their disruptive impact on the academic process.”


What does Intel have to say?

In a move that may be shocking to none, they claimed that the situation was managed as well as possible.

“Since May 2019, starting with Microarchitectural Data Sampling (MDS), and then in November with TAA, we and our system software partners have released mitigations that have cumulatively and substantially reduced the overall attack surface for these types of issues,” an Intel spokesperson said.

Perhaps, we will see more vigilant bodies pressure tech giants into being more transparent and proactive in protecting our data and security.

For more information on ZombieLoad, click on the link below.