ZombieLoad Is Here To Infect Your PC – But Don’t Panic Yet

Intel has been hit, again, by revelations of a flaw in its CPUs that allows a skilled attacker to access data they shouldn’t be able to. Similar to the Spectre and Meltdown bugs that were revealed in January 2018, ZombieLoad exploits bugs in the speculative execution code running on the processors and allows a malicious program to access information.

It’s no time to panic

The good news is that the researchers that discovered the flaw, Michael Schwarz, Moritz Lipp and Daniel Gruss from Graz University of Technology, and Jo Van Bulck from KU Leaven, ethically disclosed the vulnerability.

That means software updates issued this week by Microsoft, Intel and Google for their devices and operating systems should protect you from the bug.

Microsoft has published a detailed security advisory about the flaw and what it is doing about it.

Apple issued software updates earlier this week for all of its hardware platforms including the last three versions of macOS.

Also, there have not been any known attacks using ZombieLoad. Which doesn’t mean it hasn’t happened.

Lifehacker’s advice: Use the software update function on all your devices and download the latest security fixes.

What does ZombieLoad do?

ZombieLoad uses a vulnerability in a process called speculative execution.

When you use your computer, the CPU executes millions of different calculations. In order to boost performance, the CPU predicts what you’re going to do next and pre-calculates things so that it has the answers ready before you ask it any questions.

ZombieLoad allows one program to access another program’s data.

Heres a demo prepared by the researchers.

Note that even though the researchers are using the Tor browser, malicious code can still steal data such as passwords.

Patch your systems now

With Google, Microsoft and Apple releasing patches, and Intel likely to also send out code updates in the bear future, it is important to pay attention to system updates and apply them.

The researchers have released proof of concept code so it’s possible threat actors will use and try to break into unpatched systems.

Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender, said “The proof of concept code shared privately with the vendor has been successfully tested on Intel Ivy Bridge, Haswell, Skylake and Kaby Lake microarchitectures”.


Leave a Reply