Intel CPU Exploit Zombieload Uses Hyperthreading To Steal Data
The latest Intel CPU exploit termed Zombieload is a speculative execution side-channel attack. It uses Intel Hyperthreading to execute a Microarchitectural Data Sampling (MDS) attack which targets buffers in CPU microarchitecture.
According to a report, Intel CPUs made since 2008 are all susceptible to this attack. The latest 8th and 9th gen Intel CPUs are safe from this issue. Intel has released a security patch for this security flaw.
Intel CPU MDS Exploit
The MDS attack targets the hyper-threading feature in Intel CPUs to execute malicious code locally and cause havoc. According to the researchers, whenever a processor switches from one app to another, be it from a first-party or third-party developer, buffers in the CPU need to be cleared or overwritten.
Intel wants to disable the microarchitectural buffers when users switch to software that isn’t trusted by the previous software. They think reducing performance is their best option to tackle the MDS attack. Such a process would disable hyperthreading. The 9th generation Core i7-9700K already comes with no hyperthreading, which was used to give it a 30% increase in performance.
The chip maker has assigned four CVEs to the Zombieload security issue:
CVE | CVSS Score (Severity) | CVSS Vector |
CVE-2018-12126 | 6.5 (Medium) | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
CVE-2018-12130 | 6.5 (Medium) | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
CVE-2018-12127 | 6.5 (Medium) | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
CVE-2019-11091 | 3.8 (Low) | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N |
In each case, store buffers, load buffers, fill buffers or uncacheable memory on processors that use speculative execution may allow information disclosure via a side channel with local access.
Who Are Affected By Zombieload?
Enterprises like Google, which uses Intel CPUs in its data centers, revealed that Chrome OS Version 74 will disable Hyper-Threading by default. However, most users won’t notice a difference.
Google also said that the Chrome OS Version 75 will come with even more mitigation in addition to the previous ones.
Users who bought Intel CPUs from 2008 onward, before the 8th and 9th Gen chips came out, are affected. The latest Whiskey Lake laptop and desktop versions and higher are unaffected.
Furthermore, the Intel Atom and Knights (MIC) architectures are unaffected by this security flaw. All upcoming Intel CPUs, including the 10th gen Comet Lake and Tiger Lake, will also have protection against the MDS attack.
Earlier, Intel had promised that its latest chip would be free of any Spectre-like meltdown. The company has fulfilled its promise but at the cost of Hyperthreading.
What Is Intel Doing To Fix The MDS Issue
Intel has released a patch that solves this issue by disabling hyperthreading. The company is advising customers to disable hyper-threading as the risk of an MDS attack is imminent.
Intel claimed that executing the Zombieload attack is extremely difficult and requires more than ideal conditions. According to the company, only recent data in the CPU microarchitecture can be accessed.
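One way to check both mitigations discussed above (buffer clearing and Hyper-Threading state) on a Linux host, as an added example that is not from Intel or this article. It assumes the kernel's standard sysfs status file and the status strings from the kernel's MDS documentation; the function names and sample strings are constructed for illustration.

```python
from pathlib import Path

# Standard Linux sysfs file on kernels that carry the MDS patches.
MDS_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/mds")


def assess_mds(status):
    """Map the kernel's MDS status string to (verdict, findings).

    status is the file content, or None when the file does not exist.
    """
    if status is None:
        return "unknown", ["no MDS status file: non-Linux host or kernel without the MDS patches"]
    # The kernel appends the SMT state after a semicolon.
    main, _, smt = status.strip().partition(";")
    main, smt = main.strip(), smt.strip()
    if main == "Not affected":
        return "not_affected", []
    findings = []
    cleared = main == "Mitigation: Clear CPU buffers"
    if not cleared:
        # "Vulnerable" or "Vulnerable: Clear CPU buffers attempted, no microcode"
        findings.append("buffers not reliably cleared: " + main)
    if smt == "SMT vulnerable":
        findings.append("Hyper-Threading on: sibling thread shares the buffers")
    elif smt == "SMT Host state unknown":
        findings.append("running as a guest: host SMT state not visible")
    if not cleared:
        return "vulnerable", findings
    return ("partial" if findings else "mitigated"), findings


def read_mds_status(path=MDS_SYSFS):
    """Return the sysfs content, or None if the file cannot be read."""
    try:
        return path.read_text()
    except OSError:
        return None


# Constructed sample strings in the format the kernel documents.
SAMPLES = [
    "Mitigation: Clear CPU buffers; SMT disabled\n",
    "Mitigation: Clear CPU buffers; SMT vulnerable\n",
    "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable\n",
]

if __name__ == "__main__":
    for s in SAMPLES + [read_mds_status()]:
        print(repr(s), "->", assess_mds(s))
```

A "partial" verdict means the microcode and kernel fix is active but a sibling hyperthread can still sample the shared buffers, which is the case the Hyper-Threading advice addresses.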
This issue will certainly be profitable for Intel’s arch-rival AMD. The company has always been the underdog; however, after the launch of the Ryzen series, things have started to work out in favor of AMD.
The company currently offers top-spec multicore CPUs like the Ryzen 7 2700X, which costs almost half of Intel’s flagship. Furthermore, AMD’s upcoming Ryzen 3000 series will feature up to 16 cores and an even more competitive price tag.
We have already talked about how ARM is going to dominate the laptop marketplace soon enough, and now with this security issue, things aren’t looking too good for Intel. At least in the long run.
In terms of severity, Zombieload isn’t as grievous as the Spectre attack. It is, however, causing severe performance issues, which could drive a huge customer base away from Intel.