Friday 7 June 2019, Poradnik bezpieczeństwa
Intel processors at risk – new ZombieLoad vulnerability
Lost24
Experts from Cyberus Technology have revealed another vulnerability of Intel CPU’s from the Core and Xeon families. After software patched Meltdown and Spectre vulnerabilities, Intel CPU’s are exposed to new vectors of attack in form of ZombieLoad, RIDL and Fallout.
According to the experts, ZombieLoad attack restores the browsing history and other sensitive data but also allows the leakage of information from other applications or the operating system. As the expert from Cyberus Technology explains in an interview with Chip portal, ZombieLoad gives malicious application an ability to read the memory of another app running on the same PC or server. As the experts points out, this threat is particularly dangerous for cloud services, as many client instances share the same hardware resources.
RIDL, on the other hand, allows for an attack on other applications, operating system or other virtual machines. In addition, it allows for information to leak between different security domains from different buffers. Fallout strengthens the other attacks by defining memory locations for the operating systems.
Intel has issued a statement in which it encourages users to update their systems, which should help mitigate the potential consequences of an attack.
There are no comments