Intel CPUs Made Since 2011 Discovered to be Vulnerable to the ‘ZombieLoad’ Flaw
Last updated September 21, 2021
Researchers from Cuba and Finland have discovered an exploit that could put millions of computer owners at risk. The exploit predominantly affects Intel CPUs with Hyper-Threading and may extend to AMD CPUs that use the same technology as well. Intel has already been notified about the exploit last month but we're still waiting for a patch to appear.
The exploit code was eventually published on GitHub showcasing that the attack works even on the newer Skylake and Kaby Lake CPUs by Intel. Dubbed ‘PortSmash’ the exploit needs to run off the same PC that utilizes the same processor core as the legitimate code. With hyper-threading technology allowing codes to run of separate threads on the same processor core, the exploit can do its job. It allows the exploit to be efficient and malicious code gets injected into systems.
PortSmash can steal encrypted data from Intel processors and also deconstruct the encryption. Intel has responded to the findings by security researchers stating “We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices.”
AMD processors have not been tested yet but security researchers who identified the exploit will be testing the exploit in Ryzen processors in the near future. There is no word on when a patch will be pushed out and users are advised to use precaution when using public PCs or allowing access to their personal computers. This is not the first time the desktop users have faced a security issue with the ‘Spectre’ and ‘Meltdown’ exploits causing massive panic amongst users.
What do you think about the exploit that's affecting Intel processors? Let us know in the comments below. If you could share the article online, it would also be great so others can find it too. Come chat with us on Facebook and Twitter.