What to do about ZombieLoad, Fallout faults in Intel chips



[ad_1]

It's a zombie that crushes a microchip because every big vulnerability needs a logo and it's the ZombieLoad logo.
Illustration: Natascha Eibl

An entire class of vulnerabilities in Intel chips allows attackers to steal data directly from the processor, according to new reports from a group of cybersecurity researchers around the world. Intel, Apple, Google and Microsoft, among other technology giants, have released patches to fix these flaws.

Today is a very good day to update all your devices and applications, then enable auto update forever. Updating is one of the simplest and safest ways to quickly secure your devices. In the case of these new bugs, updating everything is the best thing for the moment.

Apple, Google and Microsoft have already released patches that fix these flaws. Everyone should upgrade to the latest versions of MacOS, Windows, Android and Chrome. Feats have no impact on iPhones, iPads or the Apple Watch, reported TechCrunch. Because Google and Microsoft cloud customers are currently protected, we asked Amazon to tell us how they are handling their cloud customers' issues and will update them as soon as we receive their response.

What are the insects?

The bugs, which affect all Intel chips made since 2011, exploit a flaw in a chip feature called "speculative execution" so that attackers can steal sensitive data directly from a device's processor. This means that an attacker could steal browser history, passwords, encryption keys or many other types of sensitive data.

Nobody knows if the bugs were exploited by real attackers in the real world. Researchers say it is difficult or impossible to know because, unlike most other types of hacking, exploiting these faults leaves no trace.

What are they doing?

These new attacks are reminiscent of Meltdown and Specter, two vulnerabilities of Intel chips revealed last year. The attacks are based on how Intel chips perform speculatively, a feature in which, in order to optimize performance, the chip predicts and executes tasks before it even requests it. The new flaws show that attackers can use speculative execution to steal sensitive data during the operation of the chip.

The researchers who discovered the virus created a detailed website and wrote a white paper that delves into their discoveries. From the white paper:

"While programs normally only see their own data, a malicious program can exploit the fillers to get their hands on the secrets currently being handled by other programs running. These secrets can be user-level secrets, such as browser history, website content, user keys and passwords, or secrets at the level of the user. system, such as disk encryption keys. The attack does not only work on personal computers, but can also be exploited in the cloud. "

You should read the researchers' website if you want to immerse yourself in the essential technical details. What we hope to do in this article is to give you a high-level overview of what's wrong, then tell you what new vulnerabilities mean to you.

As mentioned above, the take-away solution in one sentence for 99% of users is to immediately update your devices.

Discovered exploits have names such as ZombieLoad, Fallout, Store to Leak Transfer, Meltdown UC and RIDL for "Fugue Flight Data Charging". Intel calls the flaws "Microarchitectural Data Sampling" or MDS, a name that replaces well-designed sleep aid.

The ZombieLoad attack allows a hacker to spy on private browsing data and other sensitive data, while Fallout and RIDL filter sensitive data across security boundaries. Store-to-leak and Meltdown UC forwarding combines with previously known exploits related to the Meltdown and Specter vulnerabilities to steal sensitive processor data.

In a message to Gizmodo, an Intel spokesperson said that MDS "is already hardware-based in many of our 8th and 9th generation Intel® Core ™ processors, as well as in the family of Intel." 2nd generation Intel® Xeon® scalable processors. For the other affected products, mitigation is available via microcode updates, associated with the corresponding operating system updates and hypervisor software available from today. # 39; hui. "

Here is a video of researchers showing the ZombieLoad feat in action. In this case, attackers spy on a user who visits websites. They can succeed, even if they use security and privacy-focused tools, such as the Tor browser and the DuckDuckGo search engine. In the end, none of this matters in the context of these attacks.

"It's a bit like we're treating the processor as a network of components, and we're basically listening to the traffic between them," project researcher Wired Cristiano Giuffrida told Wired. "We do not mean to say that these components are exchanged."

The patches released by Intel will likely have a small but real impact on performance, ranging from 3% on consumer devices to 9% on datacenter computers.

Although nothing indicates one way or the other if it has already been exploited in the wild, the smart solution is to perform a quick and frequent update in order to protect yourself as best you can.

[ad_2]

Source link