Intel chip vulnerability could give hackers access to sensitive information

New security flaw in Intel chips could affect millions

Note, AMD and ARM chips are not affected by the bug.

Tech giants including Apple, Amazon, Google, Microsoft and Mozilla have released patches for a new side-channel flaw found in Intel chips.

Yup, my Intel systems are vulnerable, and yours probably are as well (unless they're very old).

ZombieLoad and Store-to-Leak Forwarding are the new attack methods that the Graz University of Technology security researchers Daniel Gruss, Moritz Lipp and Michael Schwarz from the Institute for Applied Information Processing and Communication Technology at Graz University of Technology (Austria) and an worldwide team have just published.

"While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets now processed by other running programs", they wrote. The vulnerability may allow attackers to 'resurrect' critical data processed by the chip - from browser history and passwords to disk encryption keys and other system-level sensitive data. As these hardware flaws affect numerous Intel CPUs, you can imagine that all modern Mac computers are affected as well. "MDS techniques are based on a sampling of data leaked from small structures within the CPU using a locally executed speculative execution side channel".

Intel has now released patches to the microcode that will help clear the processor's buffers.

Читайте также: Mamata Banerjee govt out to destroy everything in Bengal: PM Modi

Intel admitted that the security patches will impact CPU performance by up to 3% on consumer devices and up to 9% on data center machines, but don't let that dissuade you from manually forcing the update.

Here's a video from researchers showing the ZombieLoad exploit in action.

Now Intel has four more vulnerabilities to add to its headaches, collectively termed Microarchitectural Data Sampling (MDS) vulnerabilities by Intel and given the "friendly" names ZombieLoad, RIDL, and Fallout by the researchers who discovered them.

"Being able to eavesdrop on a target is always a favourite in a cyber criminals' toolkit but we also shouldn't forget that tools such as this aren't just used by the bad guys", said Moore. Essentially, exploiting the vulnerabilities would allow malicious types to eavesdrop on data as it makes its way across a CPU.

"Tricking the CPU into revealing protected data could have massive implications to millions of people around the world", he added. "Luckily there is now a tool you can use to test the vulnerability on your machine". While Intel eventually rolled out stable fixes, though still with measurable performance impacts in many cases, it has since been fighting a string of similar vulnerabilities including Spectre Next Generation, Spectre 4, Spectre 1.1 and 1.2, SpectreRSB, NetSpectre, and more.

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2019 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Related News:

  • U.S trapped farmer dismembers leg using pen knife

    U.S trapped farmer dismembers leg using pen knife

    He said it's not the first time he's gotten his leg stuck in an auger , explaining that a few years ago one injured his right leg. The married father of three grown children said he has been meeting with doctors to determine when he can get a prosthetic leg.
    Podcast: OnePlus 7 Pro!

    Podcast: OnePlus 7 Pro!

    The 6/128 version is only available in Mirror Gray, while the 12/256 iteration is only offered in Nebula Blue. Next we mention the OnePlus 7 Pro performance and whether the Snapdragon 855 SoC performs as advertised.
    US Moves Toward Tariff Hikes on Another $300 Billion in Chinese Goods

    US Moves Toward Tariff Hikes on Another $300 Billion in Chinese Goods

    USTR is conducting a full review of the proposed action through a comment and hearing process. The U.S. -China trade blowup was a long time coming.
  • Mick Jagger has heart surgery; Rolling Stones reschedule Seattle concert

    Mick Jagger has heart surgery; Rolling Stones reschedule Seattle concert

    The Rolling Stones have announced 17 rescheduled USA and Canadian tour dates following singer Sir Mick Jagger's recent surgery. The rockers announced today the No Filter tour will kick off in Chicago with two shows on June 21 and 25.
    Putin Describes Mueller Probe As 'Exotic' And 'Very Objective'

    Putin Describes Mueller Probe As 'Exotic' And 'Very Objective'

    Pompeo later said, "I made clear to Foreign Minister Lavrov. that interference in American elections is unacceptable". Pompeo said that improved ties "will be good not only for our two countries but for the whole world as well".
    Did signing Le'Veon Bell get Mike Maccagnan fired?

    Did signing Le'Veon Bell get Mike Maccagnan fired?

    The move is a stunner given its timing, as Maccagnan led NY into the National Football League draft less than three weeks ago. Vice president of player personnel Brian Heimerdinger was also let go on Wednesday according to ESPN's Adam Schefter.
  • Motorola One Vision is now official with hole-punch screen

    Motorola One Vision is now official with hole-punch screen

    The 48MP shooter seems to be the Samsung GM1 as the company clearly mentioned Quad Pixel technology on the official website. Aforesaid, the One Vision is the first smartphone from Motorola to make use of Samsung's Exynos chipset.
    Trash found littering Mariana Trench floor in deepest-ever sub dive

    Trash found littering Mariana Trench floor in deepest-ever sub dive

    According to the CNN , the expedition team stated that they plan to test these samples to check how much plastic gets ingested. The dive was later verified to be 10,972m and Victor became the first person to reach the deepest part of the Pacific Ocean.
    U.S.  won't cave in to Huawei, Wilbur Ross says

    U.S. won't cave in to Huawei, Wilbur Ross says

    Ltd. said it will pursue "remedies immediately and find a resolution" in face the threats of a business ban in the United States. USA justice and intelligence officials say China's economic espionage and the stealing of trade secrets happen all the time.
  • Sherpa, 49, scales Everest for record 23rd time

    Sherpa, 49, scales Everest for record 23rd time

    Officials say Rita reached the summit with other climbers Wednesday morning and all of them were reported to be safe. During this time, climbers gradually do longer and longer climbs from base camp, before going for the summit.
    New 612bhp McLaren GT offers supreme comfort with blistering performance

    New 612bhp McLaren GT offers supreme comfort with blistering performance

    For now, though, it's all about this vehicle - one which, McLaren people tell us, will not come a moment too soon for its buyers. Suspension, steering and brakes are all bespoke and optimized to provide unforgettable driving experience of a Grand Tourer.
    USA  military disputes British general's doubts over Iranian threat to US

    USA military disputes British general's doubts over Iranian threat to US

    Israeli Prime Minister Benjamin Netanyahu is urging neighboring countries to support the USA against Iran's mounting aggression.


Most liked

Pokemon Rumble Rush Adds To Expanding List Of Pokemon Games
These included the original 2009 Pokemon Rumble , then Pokemon Rumble Blast , Pokemon Rumble U , and Pokemon Rumble World . This soft launch in Australia was first spotted by Android Police, and it hints at an official announcement soon.

FDNY: Helicopter crashes into Hudson River
Emergency crews rushed to the scene near 12th Avenue and West 34th Street by land and by water to help recover the helicopter. The helicopter is operated by Blade chopper service , which operates a shuttle service between Manhattan and local airports.

Latest Apple iPhone 11 leak points at exciting upcoming features
On the higher-end models, the three cameras are arranged in a triangle and seated on a square bulge. The OS is supposed to be revealed next month at WWDC 2019 conference.

Ubisoft delays Skull & Bones again
A new Watch Dogs game is heavily rumoured for an E3 appearance, as is a return to the Splinter Cell franchise. The number of players has grown by 40% over the past year to reach more than 45 million.

UK raises threat level to personnel in Iraq due to Iran risk
The website TankerTrackers.com, whose analysts monitor oil sales on the seas, first reported about the black marks. Central Command said Ghika's remarks "run counter to the identified credible threats" from Iranian-backed forces.

At Charity Event, Patrick Peterson Apologizes For Suspension
He posted a few cryptic messages on social media last month while deleting all mentions of the Cardinals in his profiles. Since his debut in the league back in 2011, Peterson has yet to miss a single game for the Cardinals.

Grumpy Cat: internet's most famous cat dies aged seven
However, I am certain that no other cat will be able to trump the air of cynicism that Grumpy Cat brought to the table. Grumpy Cat , a feline whose perpetual scowl turned countless frowns upside-down, died Tuesday, her family said.

Sudanese protesters criticize military for suspending talks

Alabama doctor vows to keep providing abortions when ban goes into effect
Senator Kirsten Gillibrand of NY , also a 2020 candidate, said, "This is a war on women, and it is time to fight like hell". These laws, wrote Warren, would "preempt state efforts that functionally limit access to reproductive health care".

What helps prevent dementia? Try exercise, not vitamin pills
The guidelines are designed for use by healthcare providers and also for governments, policy-makers and planning authorities. Currently, iSupport is available for use in eight countries, with more expected to follow in the future.

Realme X goes official with Snapdragon 710 and 48MP camera
It adds a special optimization at the system level, application level, and especially the gaming experience is much improved. Realme X is also the first Realme smartphone to come with an optical in-display fingerprint sensor embedded in the display.

Trump supporters crash Mayor Bill de Blasio’s ‘Green New Deal’ rally
Some Trump supporters joined the protesters who booed and yelled, "You suck!" as the mayor tried to talk over the noise. Trump rejects climate science that links rising temperatures to human consumption of fossil fuels.

Liverpool: What Jurgen Klopp plans to do to ensure Champions League glory
City's season is not yet over as they will now face Watford in the FA Cup final on Saturday. We just need that trophy and they'll be there where they belong.

Selena Gomez hid secret messages in her newest Puma collection
But Selena Gomez has also been very public about her personal struggles with mental illness. Back in March, the star revealed: "I'm now in the studio and it's going really good.

Some Uber Customers Can Now Choose to Ride With Non-Chatty Drivers
Premium Support: Access premium phone support with live agents if you need something to be made right. Depending on where you are, it's a toss-up whether your Uber driver will talk your ear off.