Security researchers have found a new class of vulnerabilities in Intel chips that, if exploited, can be used to steal sensitive information directly from the processor.
The bugs are reminiscent of Meltdown and Spectre, which exploited a weakness in speculative execution, an important part of how modern processors work. Speculative execution helps processors predict, to some extent, what a program or operating system might need next and in the near future, making the app faster and more efficient. The processor will execute its predictions if they are needed, or discard them if they are not.
Deliciously sensitive data stored card in the processor, including secrets
Now, some of the same researchers are back with a whole new round of computer-failing errors.
"ZombieLoad", as it is called, is a side-channel attack targeting Intel chips, so hackers effectively exploit design flaws instead of injecting malicious code. Intel said ZombieLoad is made up of four bugs, which the researchers reported to the chip maker a month ago.
Almost every computer with an Intel chip dating back to 2011 is affected by the vulnerabilities. AMD and ARM chips are not said to be vulnerable to previous side channel attacks.
ZombieLoad takes its name from a "zombie load", an amount of data that the processor cannot understand or properly process, which forces the processor to ask for help from its microcode to prevent a crash. Apps can usually only see their own data, but this bug allows that data to bleed across those boundary walls. ZombieLoad will leak any data currently loaded by the processor core, the researchers said. Intel said patches to the microcode will help clear the processor's buffers so that data cannot be read.
In practice, the researchers showed in a proof-of-concept video that the flaws could be exploited to see which sites a person visits in real time, but they could easily be repurposed to obtain passwords or access tokens used to log on to a victim's online accounts.
Like Meltdown and Spectre, ZombieLoad does not affect only PCs and laptops: the cloud is also vulnerable. ZombieLoad can be triggered in virtual machines, which are meant to be isolated from other virtual systems and their host.
Daniel Gruss, one of the researchers who discovered the latest round of chip errors, said it works "just like" it does on PCs and can read data from the processor. It is potentially a major problem in cloud environments where different customers' virtual machines run on the same server hardware.
Although no attacks have been reported, the researchers could not rule them out, nor would any attack necessarily leave a trace, they said.
What does this mean for the average user? There is no need to panic, for one.
These are far from the drive-by exploits where an attacker can take over your computer in an instant. Gruss said it was "easier than Spectre" but "harder than Meltdown" to exploit, and both required a specific set of skills and effort to use in an attack.
But if the exploit code was compiled into an app or delivered as malware, "we can run an attack," he said.
There are far easier ways to hack into a computer and steal data. But research into speculative execution and side-channel attacks remains in its infancy. As more discoveries appear, the data-stealing attacks have the potential to become easier to exploit and more streamlined.
But as with any security issue where patches are available, install them.
Intel has released microcode to patch vulnerable processors, including Intel Xeon, Intel Broadwell, Sandy Bridge, Skylake and Haswell chips. Intel Kaby Lake, Coffee Lake, Whiskey Lake and Cascade Lake chips are also affected, as well as all Atom and Knights processors.
But other tech giants, such as consumer PC and device manufacturers, are also issuing patches as a first line of defense against possible attacks.
Computer makers Apple and Microsoft and browser maker Google have released updates. Other companies are expected to follow.
In a conversation with TechCrunch, Intel said that the microcode updates, like previous updates, would affect processor performance. An Intel spokesperson told TechCrunch that most patched consumer devices could take a 3 percent performance hit at worst, and as much as 9 percent in a data center environment. But the spokesperson said it was not likely to be noticeable in most scenarios.
And neither Intel nor Gruss and his team have released exploit code, so there is no direct and immediate threat to the average user.
But with patches rolling out today, there is no reason to pass up a chance to prevent such an attack in any case.
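To confirm that the patches described above are actually in effect on a Linux machine, the kernel's own status line can be read and interpreted. The script below is an added example, not code from the researchers or Intel. It assumes a Linux host whose kernel reports this class of bug under the name "mds" (Microarchitectural Data Sampling) in sysfs; that path and the status strings come from the Linux kernel, not from this article.

```python
"""Report whether the ZombieLoad (MDS-class) mitigation is active on Linux."""
from pathlib import Path

# Assumption: Linux host; patched kernels expose a one-line status here.
MDS_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/mds")


def parse_mds_status(text):
    """Turn the kernel's status line into a structured verdict."""
    main, _, smt = text.strip().partition(";")
    main, smt = main.strip(), smt.strip()
    affected = main != "Not affected"
    buffers_cleared = main.startswith("Mitigation: Clear CPU buffers")
    # The kernel tries to clear buffers, but without new microcode it is best effort.
    needs_microcode = "no microcode" in main
    # Sibling hyperthreads share the leaking buffers, so SMT state matters too.
    smt_exposed = affected and smt in ("SMT vulnerable", "SMT Host state unknown")
    if not affected:
        verdict = "not affected"
    elif needs_microcode:
        verdict = "install microcode update"
    elif not buffers_cleared:
        verdict = "vulnerable: mitigation disabled"
    elif smt_exposed:
        verdict = "mitigated, cross-thread exposure remains or is unknown"
    else:
        verdict = "mitigated"
    return {"affected": affected, "buffers_cleared": buffers_cleared,
            "needs_microcode": needs_microcode, "smt": smt or None,
            "verdict": verdict}


def check_host(path=MDS_SYSFS):
    """Read the status file; a missing file means the kernel cannot report."""
    try:
        return parse_mds_status(Path(path).read_text())
    except FileNotFoundError:
        return {"affected": None, "buffers_cleared": False,
                "needs_microcode": None, "smt": None,
                "verdict": "unknown: kernel does not report MDS status"}


if __name__ == "__main__":
    print(check_host()["verdict"])
```

A result of "install microcode update" means the operating system patch is present but the processor firmware is not, which is the gap the Intel microcode release closes.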