Skip to main content
  1. Home
  2. Computing
  3. News

ZombieLoad is Meltdown resurrected. Here’s how to secure your PC right now

Add as a preferred source on Google
HP Spectre 13 2017 Review
Mark Coppock/Digital Trends

Less than a year and a half since Intel had its first public meltdown after finding the highly publicized Meltdown and Spectre security flaws, researchers have discovered a new security vulnerability called Microarchitectural Data Sampling (MDS) — which leaves computers dating back to 2008 vulnerable to eavesdropping attacks.

Fortunately, Intel learned its lesson from the first Meltdown discovery, and it finds itself better prepared to address the recently published security flaw that, if unpatched, could leave computers — ranging from laptops to cloud-based servers — exposed to eavesdropping by an attacker.

Recommended Videos

Back from the grave

A series of updates were recently deployed to address the newly uncovered security flaw. Whether you’re on a Windows PC or a Mac, you should stay up to date with your security patches to mitigate the risk of attack. Business customers operating their infrastructure from the cloud should check with their service providers to ensure that that latest available security patches will be applied as soon as possible.

MDS was discovered by a wide range of researchers from security firms like Bitdefender, Cyberus, Oracle, and Qihoo360 as well as academic institutions like the University of Michigan, Vrije Universiteit Amsterdam, KU Leuven in Belgium, Austria’s TU Graz, University of Adelaide, Worcester Polytechnic Institute, and Germany’s Saarland University. Researchers have discovered four distinct ways of carrying out MDS attacks, and though some of the attacks were discovered more than a year ago, Intel had asked that the researchers to keep their findings private until a patch was available.

“Academics have discovered four such MDS attacks, targeting store buffers, load buffers, line fill buffers (aka the Zombieload attack), and uncacheable memory — with Zombieload being the most dangerous of all because it can retrieve more information than the others,” ZDNet reported. Some of the attacks, researchers cautioned, could even require hardware changes to the chips to mitigate. Intel claims that some of its chips released within the last month already ship with a fix.

While MDS works in a similar way to Meltdown and Spectre by relying on Intel’s use of speculative execution to boost CPU performance by allowing the processor to guess what data will be required for execution in advance, attackers are able to eavesdrop when data is moving between various components of a processor. In previous attacks, sensitive data was accessed from memory, but in the case of MDS, the data can be accessed from the cache. Anything that passes through the processor, from the website you’ve visited to your password and credit card data, could be accessed through MDS. Hackers can even leverage MDS to extract the decryption keys to an encrypted drive.

Fixing Intel’s chipocalypse

Gregory Bryant, Intel senior vice president in the Client Computing Group, displays a “Lakefield” reference board during Intel Corporation’s news event at CES 2019 on Jan. 7, 2019, in Las Vegas.
Walden Kirsch/Intel Corporation

Intel has readied a fix for MDS, but the patch will need to be deployed through different operating systems. For now, Apple claims that a recent update to its MacOS Mojave operating system and Safari desktop browser already included the fix, so Mac users should download the latest updates if they haven’t already done so. Google also claimed that its recent products already contains a fix, while Microsoft issued a prepared statement stating that a fix will be ready later today. Windows 10 users are advised to download this patch.

“We are working to deploy mitigations to cloud services and release security updates to protect Windows customers against vulnerabilities affecting supported hardware chips,” Microsoft said.

Amazon Web Services have also deployed fixes. “AWS has designed and implemented its infrastructure with protections against these types of bugs, and has also deployed additional protections for MDS,” AWS said in a statement. “All EC2 host infrastructure has been updated with these new protections, and no customer action is required at the infrastructure level. Updated kernels and microcode packages for Amazon Linux AMI 2018.03 and Amazon Linux 2 are available in the respective repositories (ALAS-2019-1205).”

Though chips released starting last month already contained a hardware level fix, Intel claims that microcode updates are enough. “For other affected products, mitigation is available through microcode updates, coupled with corresponding updates to operating system and hypervisor software that are available starting today,” the chipmaker said in a statement.

Security researchers from TU Graz and VUSec disagreed with Intel’s conclusion and advised that hyperthreading be disabled, as this process could make it easier for attackers to carry out MDS attacks. In an interview with Wired, Intel downplayed the flaw rating the four vulnerabilities at a low to medium severity, and the company claimed that disabling hyperthreading is not necessary. Intel claims that a lot of noise is also leaked, and it would be very difficult for an attacker to infer your secret data.

At this point, AMD and ARM silicon are not affected by the vulnerability. If your system is running an Intel chip, be sure to apply the latest software patches and check for any new system updates in the coming days.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
Intel may bring back older desktop CPUs because DDR5 is getting too expensive
Older Intel Core CPUs from 10th to 14th Gen may get a second life
Intel Core i5-12400F box sitting in front of a gaming PC.

Intel may be preparing an unusual response to the ongoing memory crunch. According to Chinese outlet ITHome, citing ChannelGate, the company’s latest production plan includes restarting production of 13th-gen and 14th-gen Core processors.

The move is expected to increase supply across Intel’s 10th, 12th, 13th, and 14th Gen CPU families, especially in mainland China. For DIY PC builders, the timing is important. DDR5 memory prices have climbed sharply, making newer platforms harder to justify for anyone trying to build an affordable gaming PC.

Read more
Amazon wants to design in-house chips for Kindles, Fire TV, and Echo speakers
Apple did it first. Amazon is doing it now, starting with 40 million chips a year and a partner most people have never heard of.
Amazon Kindle Scribe dark mode featured image.

Apple's decision to design its own chips reshaped the consumer electronics industry. Amazon may be about to make the same call, just about two decades later.

Supply chain analyst Ming-Chi Kuo reports that Amazon is preparing to shift away from externally sourced processors for its consumer electronics lineup, marking what he describes as the company's first major processor procurement change in 20 years. The transition is expected to begin in 2027.

Read more
AI wants to summarize it all. TripAdvisor’s misleading reviews show AI will also ruin your travel plans
Spotless, friendly, and totally wrong. AI summaries are hiding the reviews that actually matter.
Tripadvisor logo on MacBook

Planning a trip is stressful enough without wondering if the glowing hotel summary you just read was written by an AI that skipped the scary parts. As it turns out, that might be exactly what's happening on TripAdvisor.

According to an investigation by consumer group Which?, reported by the Guardian, TripAdvisor's AI-generated review summaries are smoothing over serious guest complaints, and in some cases, downright dangerous ones.

Read more