• About
  • Advertise
  • Careers
  • Contact
Monday, March 20, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Intel CPU Exploit Zombieload Uses Hyperthreading To Steal Data

by Cyber360 News
November 11, 2019
in Security
0
Intel CPU Exploit Zombieload Uses Hyperthreading To Steal Data
0
SHARES
5
VIEWS
Share on FacebookShare on Twitter

The latest Intel CPU exploit termed Zombieload is a speculative execution side-channel attack. It uses Intel Hyperthreading to execute a Microarchitectural Data Sampling (MDS) attack which targets buffers in CPU microarchitecture.

According to a report, Intel CPUs made since 2008 are all susceptible to this attack. The latest 8th and 9th gen Intel CPUs are safe from this issue. Intel has released a security patch for this security flaw.

jamf now

Intel CPU MDS Exploit

The MDS attack targets the hyper-threading feature in Intel CPUs to execute a malicious code locally and cause havoc. According to the researchers, whenever a processor switches from one app to another, be it from a first party or third party developer, buffers in the CPU need to be cleared or overwritten.

Intel wants to disable the microarchitectural buffers when users switch to software that isn’t trusted by the previous software. They think reducing performance is their best option to tackle the MDS attack. Such a process would disable the hyperthreading. The 9th generation Core i7-9700K already comes with no hyperthreading, which was used to give it a 30% increase in performance.

The chip maker has assigned four CVEs to the Zombieload security issue:

Store buffers, load buffers, fill buffers and Data Sampling Uncacheable Memory using speculative execution may cause information disclosure via side-channel local access.

Who Are Affected By Zombieload?

Intel CPU Exploit Zombieload MDS
Images: Shutterstock

Enterprises like Google, which uses Intel CPUs in its data centers, revealed that Chrome OS Version 74 will disable Hyper-Threading by default. However, most users won’t notice a difference.

Google also said that the Chrome OS Version 75 will come with even more mitigation in addition to the previous ones.

Users who bought Intel CPUs in 2008 and before the 8th and 9th Gen chips came out, were affected. The latest Whiskey Lake laptop and desktop versions and higher are unaffected.

jamf now

Furthermore, the Intel Atom and Knights (MIC) architecture are unaffected by this security flaw. All upcoming Intel CPUs, including the 10th gen comet lake and the Tiger Lake, will also have protection against the MDS attack.

Earlier, Intel had promised that its latest chip would be free of any specter-like meltdown. The company has fulfilled its promise but at the cost of Hyperthreading.

What Is Intel Doing To Fix The MDS Issue

Intel has released a patch that solves this issue by disabling hyperthreading. The company is advising customers to disable hyper-threading as the risk of an MDS attack is imminent.

Intel claimed that executing the Zombieload attack is extremely difficult and requires more than ideal conditions. According to the company, only recent data in the CPU microarchitecture can be accessed.

jamf now

This issue will certainly be profitable for Intel’s arch-rival AMD. The company has always been the underdog, however, after the launch of the Ryzen series things have started to work out in favor of AMD.

The company currently offers top spec multicore CPUs like Ryzen 7 2700x which cost almost half of Intel’s flagship. Furthermore, AMD’s Upcoming Ryzen 3000 series will feature up to 16-cores and an even more competitive price tag.

We have already talked about how the ARM is going to dominate the laptop market place soon enough and now with this security issue, things aren’t looking too good for Intel. At least in the long run.

In case of severity, the Zombieload isn’t as grievous as the Spectre attack. It does however is causing severe performance issues which could drive away a huge customer base awar from Intel.

Also Read: Intel Announces 8th Gen Whiskey Lake vPro CPUs
Cyber360 News

Cyber360 News

Next Post
This WhatsApp Flaw Allowed Israeli Hackers To Send Spyware Via Voice Call

This WhatsApp Flaw Allowed Israeli Hackers To Send Spyware Via Voice Call

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In