Intel CPUs released
since 2013 are impacted by Zombieload v2
In May of this year, the Zombieload vulnerability, which
affects older Intel CPUs, was disclosed to the public. Zombieload now has a
second variant that also works against more recent Intel processors. This means
that Cascade Lake, Intel’s latest line of high-end CPUs, is also affected. It
was initially thought that the Cascade Lake processors would be unaffected by
the Zombieload vulnerability.
The Zombieload vulnerability is a security flaw in the same
class as Meltdown, Spectre, and Foreshadow. Known collectively as Microarchitectural
Data Sampling (MDS) attacks, these attacks rely on taking advantage of the
speculative execution process. That process is an optimization technique that
Intel added to its CPUs in order to improve data processing speeds and
Unfortunately, the vulnerabilities such as Meltdown,
Spectre, and Foreshadow made it clear that the speculative execution process
was riddled with security holes.
MDS are just the latest line of vulnerabilities impacting
speculative execution. What makes them different from the original Meltdown,
Spectre, and Foreshadow bugs that were disclosed in 2018 is that they attack a
different area of a CPU’s speculative execution process.
Attacks like Meltdown, Spectre and Foreshadow attack data
stored inside the L1 cache. MDS attacks go after a CPU’s microarchitectural
data structure. The microarchitectural data structures affected include the
load, store, and line fill buffers that the CPU uses for fast reads/writes of
data being processed inside the CPU.
When the original MDS attacks were disclosed in May, it was
deemed that Zombieload was the most dangerous MDS attack as it could retrieve
more information than other known MDS attacks.
This newest MDS attack, known as Zombieload v2, is a
variation of the Zombieload v1 vulnerability, but one that worked on Intel’s
newer line of CPUs. The same CPUs that Intel claimed had protections against
speculative execution attacks baked in at the hardware level.
Zombieload v2 only needs for the targeted CPU to support
the Intel TSX instruction-set extension in order to attack. That
instruction-set extension has been available by default in all Intel CPUs sold
Intel has been playing down the seriousness of the vulnerability, but has released a CPU firmware update as part of their monthly patch in order to address the newest Zombieload attack variant.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648
RHYNO Networks was designed to meet the needs of the IT marketplace. Specifically, to offer businesses skilled, timely IT services in order for them to focus on their business. We’re dedicated to the principles of Reliability, Innovation and Customer Service.