SECURITY TYPES have uncovered a series of vulnerabilities in Intel processors that could, in theory, allow hackers to steal data recently accessed by the CPU.
These exploits are known as Microarchitectural Data Sampling (MDS) vulnerabilities and are nicknamed ZombieLoad, Fallout and RIDL (Rogue In-flight Data Load). The vulns affect Intel Core chips from 2008 onwards, with only some eighth and ninth-generation chips immune to the exploits.
The flaws were unearthed by a supergroup of security researchers hailing from places and companies such as Graz University of Technology, Bitdefender and Oracle.
Much like Meltdown and Spectre, the MDS vulnerabilities exist in the speculative execution process modern CPUs have to optimise the retrieval of data.
By targeting a processor's load, store, and line fill buffer microarchitecture data structure, a hacker could use malicious code to leak data the processor has accessed from applications, the operating system and cloud-based virtual machines, as it moves from one chip component to another. Essentially, exploiting the vulnerabilities would allow malicious types to eavesdrop on data as it makes its way across a CPU.
Of course, hackers need to have some way to run code on a targeted machine before the MDS vulnerabilities can be exploited so their severity might not be relevant to people who keep their PC under lock and key. However, creating an exploit is relatively simple for people with the cybersecurity know-how and only require low-level privileges to carry out.
Intel has released microcode updates to patch the vulnerabilities, but to properly immunise a PC a combination of firmware and software updates is needed and the fixes are expected to impact CPU performance. And Intel recommends that some of its customers might want to disable HyperThreading if they can't guarantee their systems are running trusted software.
For individual PCs the slowdown is not expected to be particularly noticeable, but in data centres, a slowdown of eight to nine per cent is expected, which is significant for servers powering cloud apps and workloads.
Given exploits of the vulnerabilities have only happened in labs conditions, there's no need to massively panic. But the whole situation shows how there are inherent flaws in speculative execution and that Meltdown and Spectre seem to have been but the tip of the iceberg when it comes to the exploits the processor optimising feature can open up. µ
Firm's first high-end speaker gets the thumbs up from us
Yes. Yes you can
A fantastic ultraportable that's almost devoid of innovation
Screen if you want to go faster