ZombieLoad Intel side-channel attack detailed - CPU

Early in 2018, two major vulnerabilities, dubbed Spectre and Meltdown, were publicly disclosed by researchers. Spectre affected processors from Intel, AMD and others, while Meltdown primarily hit Intel chips.

The Microarchitectural Data Sampling (MDS) vulnerabilities, the class to which ZombieLoad belongs, are hard to exploit in practice and were rated low to medium severity under the Common Vulnerability Scoring System (CVSS).

ZombieLoad's reach isn't limited to the end-user's computer, according to researchers Michael Schwarz, Moritz Lipp and Daniel Gruss from Graz University of Technology and Jo Van Bulck from KU Leuven: it "can also be exploited in the cloud". In that setting, "user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys", could be stolen.

The researchers have also published a video showing the ZombieLoad exploit in action. The new flaws show that attackers can abuse speculative execution to sample sensitive data while the processor is still working on it. Previous generations of chips will need to be patched, and in some instances that fix could slow the chip's performance by as much as 19%, Intel said in the post announcing the news. Intel, Apple, Google and Microsoft, among other tech giants, have released patches to address the flaws.

At the time, security researchers and Intel said similar side-channel flaws were likely to be found in the future.

The researchers who discovered the vulnerabilities published a proof-of-concept demonstration showing how an unprivileged attacker who can execute code on a system can reconstruct the URLs being visited in Firefox. "We all remember EternalBlue and how that was used to exploit data by actors on both sides of the law". Intel, for its part, said that because the trade-offs vary considerably by customer it is not recommending that Intel Hyper-Threading (HT) be disabled, and stressed that disabling HT alone does not provide protection against MDS: the microcode and operating-system updates are still required. The company also said that some processors it began shipping last month already address the vulnerability.
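The practical question for an administrator is whether a given host actually has the MDS mitigation in place and whether a sibling hyperthread still leaves it exposed. The following shell script is an added example, not code from the article or from the researchers; it classifies a Linux host's state from the kernel's sysfs report, whose format ("<state>; SMT <smt-state>", e.g. "Mitigation: Clear CPU buffers; SMT vulnerable") is taken from the kernel's admin-guide documentation for MDS. The sysfs root directory is a parameter so the check can be exercised against constructed fixture files; the `make_fixture` helper and the category names it returns are this example's own.

```shell
#!/bin/sh
# Added example: classify a Linux host's MDS/ZombieLoad mitigation state.
# Kernels carrying the MDS patches expose
#   /sys/devices/system/cpu/vulnerabilities/mds
# with a line of the form "<state>; SMT <smt-state>". The strings matched
# below are those documented in the kernel's hw-vuln/mds admin guide.

classify_mds() {
    mds_file="$1/vulnerabilities/mds"
    if [ ! -r "$mds_file" ]; then
        # Older kernels without the MDS backports do not report at all.
        echo "unknown"
        return 0
    fi
    report=$(cat "$mds_file")
    case "$report" in
        "Not affected"*)
            echo "not-affected" ;;
        "Mitigation: Clear CPU buffers; SMT disabled"* | \
        "Mitigation: Clear CPU buffers; SMT mitigated"*)
            # Microcode plus kernel buffer clearing, and no sibling thread
            # left in a position to sample in-flight data.
            echo "mitigated" ;;
        "Mitigation: Clear CPU buffers; SMT vulnerable"*)
            # Buffer clearing only runs at privilege transitions; a sibling
            # hyperthread can still sample data while this core is busy.
            echo "partial-smt" ;;
        "Mitigation: Clear CPU buffers; SMT Host state unknown"*)
            # Guest kernel: the hypervisor decides whether siblings are shared.
            echo "partial-vm" ;;
        "Vulnerable: Clear CPU buffers attempted, no microcode"*)
            # Kernel side is patched but the CPU microcode is not updated.
            echo "vulnerable-no-microcode" ;;
        "Vulnerable"*)
            echo "vulnerable" ;;
        *)
            echo "unknown" ;;
    esac
}

# Constructed fixture: reproduce the sysfs layout under a scratch directory
# so the classifier can be tested offline with any report string.
make_fixture() {
    fixture_dir="$1"
    report_text="$2"
    mkdir -p "$fixture_dir/vulnerabilities"
    printf '%s\n' "$report_text" > "$fixture_dir/vulnerabilities/mds"
}

# Report the live host when sysfs is available.
if [ -d /sys/devices/system/cpu ]; then
    printf 'host MDS state: %s\n' "$(classify_mds /sys/devices/system/cpu)"
fi
```

A result of `partial-smt` is the case Intel's statement is about: the patches are applied, but workloads that share a physical core with untrusted code remain exposed, and the decision to disable HT (or to pin untrusted tenants away from sensitive ones) has to be made per workload. A `vulnerable-no-microcode` result means the OS update landed but the firmware or microcode package did not, which is the most common way a "patched" host is still exposed.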

That said, exploiting the flaw is far from easy: the process the researchers used to demonstrate it is highly complex.

Apple, for its part, included fixes for ZombieLoad in the just-released macOS 10.14.5 and in Security Update 2019-003 for Sierra and High Sierra. The three Graz computer scientists, together with Graz University of Technology professor Stefan Mangard, were also involved in the discovery of the serious Meltdown and Spectre security gaps a year earlier.

