This might come as an alarm…or not, depending on how paranoid you are. Intel has had a grave flaw in its chip architecture from as long as 2011. This security flaw allows hackers to steal any data that’s recently passed through the processor. And this can also affect cloud servers which can allow attackers to steal information from other virtual machines running on the same computer.
This flaw makes your computers vulnerable to three kinds of attacks: RIDL, Fallout, and ZombieLoad. The first two are not as concerning, but ZombieLoad is the most critical of them. It works by exploiting the design flaw of Intel chips to leak sensitive user data. The vulnerabilities are termed as MDS (Microarchitectural Data Sampling). And MDS, under certain circumstances, can provide a program the means to read user data, which is not usually accessible. But this is a very complex process, and MDS itself is no threat. It only becomes one if hackers can figure this out and use it. Nevertheless, the fact that attackers can use it is a concern.
How does ZombieLoad work?
It works by exploiting a process called Speculative Execution. In it, processors predict what data or process will an application need in the future. And hackers can access the buffers in the processor’s components through malicious code. Having to design a malicious code to do so requires quite a bit of work. But apparently, it’s easy to bypass the security mechanisms in the Speculative Execution system of the chip and funnel the data being transmitted like passwords, keys, accounts, tokens, etc.
In technical terms, “zombie load” means the kind of data that the processor can’t understand properly or process. So, it asks help from the processor’s micro-code to prevent a crash. Applications are usually only able to see their own data. But, this design flaw allows the data to run through the apps’ boundaries. So, ZombieLoad will leak any data currently under process. I.E. if anyone decides to look for it, in this case, hackers.
Of course, it’s not always that users enter passwords and such in their computers. And since hackers have no way of knowing that, an attack has very less chance of returning any worthy data. But programs can be designed to do tasks repeatedly. And if they can execute it in such a way, hackers can gain some data of worth out of a number of attacks.
How to Solve it?
This is, apparently, a flaw in Intel’s processor design itself, and it goes back to 2011. So, if your computer came from after 2011 to any recent years, you are vulnerable. However, AMD and ARM Holding’s chips and computers are not vulnerable from this particular flaw.
A team of researchers from Graz University of Technology found this out and disclosed it to Intel. They also designed an online tool to check if you have been attacked. But this is very complex and needs a computer geek to successfully run it! Intel has, since then, issued a warning and a patch tool to fix these issues. But first, manufacturers have to implement the tool in their systems and then users have to install them to be safe.
Intel is already rolling out updates to operating systems and hypervisor software to fix it. Also, Apple, Google, and Microsoft have all released patches to fix these issues for now. In addition, Microsoft will be releasing more fixes through future software updates. So, if you receive software updates, you should download it this time. Furthermore, Intel said it will release future processor with necessary hardware changes to fix the issue as well.
Still, there is no data on any attacks as a result of this vulnerability. Maybe, no one really knew about it before this. But since it is information now, there are chances of hackers exploiting this. If you’re someone who carries out a lot of transactions on their computer or handles classified information, you should probably update. As for the normal layman, there may not be a reason to worry about much.