Intel Chip Security Flaw Could Affect Millions

Intel Chip Security Flaw Could Affect Millions

Worst of all, nearly every computer with an Intel chip from 2011 is affected by the vulnerabilities. Intel themselves calls the flaws "Microarchitectural Data Sampling" or MDS, a name that substitutes as a well-designed sleeping pill.

Botezatu said Bitdefender found the flaw because its researchers were increasingly focused on the safety and management of virtual machines, the term for one or more emulated mini-computers that can be spun up inside a larger machine - a key feature of cloud computing. The vulnerability may allow attackers to 'resurrect' critical data processed by the chip - from browser history and passwords to disk encryption keys and other system-level sensitive data. Embarrassingly, mitigations introduced in Intel's latest Coffee Lake Refresh Core i9 processors are said by the researchers to make the system more vulnerable to Fallout compared with older-generation hardware.

Here's a video from researchers showing the ZombieLoad exploit in action.

Zombieload was discovered by a small group of researchers and works by exploiting a CPU to leak data across processes, privilege boundaries and hyperthreads, essentially creating a backdoor. It's a side-channel attack made up of four individual flaws in the Intel chip itself.

More news: Boeing 737 Max operators to meet as regulators mull jet's return
More news: Samsung’s Budget Smartphones Will Reportedly Have Cryptocurrency and Blockchain Features
More news: Farmer amputates leg with knife to escape auger

Well, Intel has said that data centres are anticipated to be least affected by the fixes demanded.

"This includes the release of updated Intel microprocessor microcode to our customers and partners", the company said.

It has been just over a year since CPU vulnerabilities like Spectre and Meltdown last dominated the news cycle. While Intel rates the attacks as "low to medium" in severity, researchers from the institutions that discovered the attacks told Wired that they could "reliably dig through that raw output to find the valuable information they sought". "Under certain conditions, MDS provides a program the potential means to read data that program otherwise would not be able to see". This can be described as data leakage, which malicious actors can exploit. Intel also faced questions from lawmakers about why it did not disclose the vulnerability to USA cybersecurity officials before it was made public.

Apple has already released the security updates in the latest macOS Mojave 10.14.5 operating system to protect users against these vulnerabilities, but to fully mitigate your Mac computer, you'll need to also disable hyper-threading processing technology and enable an additional CPU instruction, which, unfortunately, leads to 40 percent performance loss. Researchers say it's hard or impossible to tell because, unlike most other kinds of hacking, exploitation of these flaws may not leave any traces.

Related Articles

  • Restaurant Brands to boost outlets by 54% in 8-10 years

    Restaurant Brands to boost outlets by 54% in 8-10 years

    As of today, Tim Hortons is officially testing out Beyond Meat breakfast items in select stores across Canada. It hopes to roll out the products nationally by the end of the summer, depending on the results of the pilot.
    Motorola One Vision smartphone gets official

    Motorola One Vision smartphone gets official

    The Motorola One Vision is priced at €299 (Rs 23,520 approx.) and will be available in Saudi Arabia and Thailand from today. The camera has a feature called Night Vision for incredible shots at night similar to the Pixel's own Night Sight.
    Warriors take 2-0 series lead over Trail Blazers

    Warriors take 2-0 series lead over Trail Blazers

    After struggling with his shot for most of the series with Houston, Stephen Curry looked like his old self in Tuesday's win. It has raised questions about Durant's true value and whether or not Golden State is a better, more risky team without him.
  • Nepal climber scales Mount Everest for record 23rd time

    Nepal climber scales Mount Everest for record 23rd time

    Kami Rita started the climb from the Nepal side of the range, which is one of the two routes to get up top, the other being Tibet. Acharya said dozens of climbers are trailing Sherpa with the aim of reaching the summit Wednesday.
    Steve Mnuchin sees progress on steel tariffs with Mexico and Canada

    Steve Mnuchin sees progress on steel tariffs with Mexico and Canada

    Trade Representative Robert Lighthizer on Wednesday, but declined to say whether the two countries were close to a deal. Asked about prospects for a deal later in the day, Freeland said she would not discuss Canada's negotiating strategy.
    Jagger is back! Rolling Stones to play TIAA Bank Field July 19

    Jagger is back! Rolling Stones to play TIAA Bank Field July 19

    Refunds are available through Ticketmaster , but only for the original buyer - not for tickets that have been transferred. Jagger was forced to postpone tour dates in the USA and Canada, announcing he was "devastated" to let down fans.
  • Weather good for SpaceX's first Starlink satellite launch Wednesday night

    Weather good for SpaceX's first Starlink satellite launch Wednesday night

    In a conference call Wednesday, Musk said the satellites will deploy within an hour after launch, most likely over Tasmania. SpaceX asked for and received US market access for a constellation numbering nearly 12,000 satellites.
    Malaysian teen kills herself after Instagram poll

    Malaysian teen kills herself after Instagram poll

    Police officers are reportedly not treating her death as suspicious, but her body has still been taken for an autopsy. It came after her heartbroken dad Ian Russell blamed the social media platform in part for her death .
    Blac Chyna Reveals Who Is the Better Lover: Rob Kardashian or Tyga

    Blac Chyna Reveals Who Is the Better Lover: Rob Kardashian or Tyga

    Blac Chyna's first clue about Tyga and Kylie Jenner's relationship was basically when they were already officially dating. In fact, she states the relationship was well on it's way to ending before Tyga and Jenner even became an item.
  • Wrestling - AEW announces deal with TNT

    Wrestling - AEW announces deal with TNT

    In addition, Double or Nothing's hour-long live pre-show will stream on WarnerMedia and AEW's social media channels. The move is one that now puts AEW in prime position to compete with World Wrestling Entertainment.
    Keanu Reeves profoundly answers one of the most hard  questions

    Keanu Reeves profoundly answers one of the most hard questions

    Keanu Reeves has officially been memorialized at the TCL Chinese Theatre! Do you agree that it was the ideal answer? Taking a moment to consider the question, Reeves simply replied, "I know that the ones who love us will miss us".
    Walmart considers Asda float

    Walmart considers Asda float

    Chief executive Roger Burnley told staff in Leeds yesterday Asda will cut £80m in prices over the rest of the year. The company would need to wait until the grocery market is more attractive to investors, he said.