A new secret-leaking flaw affects almost all Intel chips since 2011 – TechCrunch




Security researchers have discovered a new class of vulnerabilities in Intel chips that, if exploited, can be used to steal sensitive information directly from the processor.

The bugs are reminiscent of Meltdown and Spectre, which exploited a weakness in speculative execution, an important part of how modern processors work. Speculative execution helps processors predict, to a certain extent, what an application or operating system might need next or in the near future, which allows the application to run faster and more efficiently. The processor will execute its predictions if they are needed, or discard them if they are not.

Both Meltdown and Spectre leaked sensitive data stored briefly in the processor, including secrets such as passwords, secret keys and account tokens, as well as private messages.

Now, some of the same researchers are back with a whole new set of data-leaking bugs.

"ZombieLoad", as it is called, is a side-channel attack targeting Intel chips, allowing hackers to effectively exploit design flaws rather than inject malicious code. According to Intel, ZombieLoad is composed of four bugs reported by researchers to the chip maker just a month ago.

Almost all computers with Intel chips dating back to 2011 are affected by the vulnerabilities. AMD and ARM chips are not considered vulnerable, unlike with previous side-channel attacks.

ZombieLoad takes its name from a "zombie load," an amount of data that the processor cannot understand or properly process, forcing the processor to seek help from its microcode to avoid a crash. Applications can usually see only their own data, but this bug allows that data to bleed across those boundaries. ZombieLoad will leak any data currently loaded by the processor's core, the researchers said. Intel said firmware patches would help clear the processor's buffers, preventing the data from being read.

In practice, the researchers showed in a proof-of-concept video that the flaws could be exploited to see which websites a person is visiting in real time, but that they could easily be repurposed to grab passwords or access tokens used to log in to a victim's online accounts.

Like Meltdown and Spectre, ZombieLoad is not limited to PCs and laptops: the cloud is also vulnerable. ZombieLoad can be triggered in virtual machines, which are supposed to be isolated from other virtual systems and their host device.

Daniel Gruss, one of the researchers who discovered the latest round of chip flaws, said that it works "exactly" as it does on a PC and that it can read data from the processor. This is potentially a major problem in cloud environments where different customers' virtual machines run on the same server hardware.

Although no attacks have been publicly reported, the researchers could not rule them out, and an attack would not necessarily leave a trace, they said.

What does this mean for the average user? No need to panic, for one.

These are a long way from exploits where an attacker can take control of your computer in an instant. Gruss said it was "easier than Spectre" but "harder than Meltdown" to exploit, and that both required a specific set of skills and effort to use in an attack.

But if the exploit code were compiled into an application or delivered as malware, "we can launch an attack," he said.

There are much easier ways to hack a computer and steal data. However, research into speculative execution and side-channel attacks is still in its infancy. As new discoveries emerge, data-stealing attacks may become easier to exploit and more streamlined.

But as with any vulnerability where patches are available, install them.

Intel released microcode to patch vulnerable processors, including Intel Xeon, Intel Broadwell, Sandy Bridge, Skylake and Haswell chips, Intel Kaby Lake, Coffee Lake, Whiskey Lake and Cascade Lake chips, as well as all Atom and Knights processors.

But other tech giants, such as makers of PCs and consumer devices, are also releasing patches as a first line of defense against possible attacks.

Computer maker Apple and browser makers Microsoft and Google have released patches, and other companies are expected to follow.

In a call with TechCrunch, Intel said that the microcode updates, like previous patches, would have an impact on processor performance. An Intel spokesman told TechCrunch that most consumer-grade devices could see a performance hit of 3 percent, and up to 9 percent in a data center environment. But, the spokesman said, it was unlikely to be noticeable in most scenarios.

And neither Intel nor Gruss and his team have released any exploit code, so there is no direct and immediate threat to the average user.

But with patches rolling out today, there is no reason to pass up the chance to prevent such an attack anyway.
