Intel Zombieload vulnerability: Here's how it works and how you can protect yourself

By Mithun Mohandas | Published on May 16 2019

Zombieload is what security researchers are calling the latest vulnerability to affect Intel processors, up to and including the company's latest CPUs. It's a side-channel exploit that allows attackers access to sensitive data purely by taking advantage of the vulnerability rather than having to push a payload onto the target system. As with Meltdown and Spectre, Zombieload comprises four individual bugs. Almost all Intel CPUs since 2011 are believed to be affected. AMD and ARM processors are not vulnerable, so far.

How does Zombieload work?

Zombieload works by pushing a significant amount of data which the processor can't process. This results in the processor having to rely on the microcode to decipher this zombie load, and in doing so, applications that are currently residing in the CPU cache can access another application's data. As per security conventions, each application is only allowed access to its own data. This vulnerability, when exploited, allows access to everything that's currently stored in the CPU cache.

In a video, the security researchers who discovered the bug showcased how they could see which websites were being viewed on the target computer, in real time. Since the exploit gives access to everything in the target processor's cache, even passwords and other sensitive data can be easily accessed.

The researchers had informed Intel about the vulnerability last month to allow them sufficient time to patch it. Zombieload was discovered by a group of security researchers including Michael Schwarz, Moritz Lipp, Daniel Gruss (Graz University of Technology), and Jo Van Bulck (imec-DistriNet, KU Leuven).

Are you safe?

Practically all Intel CPUs including the server-grade Intel Xeon and the consumer-grade Intel Broadwell, Sandy Bridge, Skylake and Haswell chips are affected. The more recent Intel Kaby Lake, Coffee Lake, Whiskey Lake and Cascade Lake chips are also affected. Also, all Atom and Knights processors are included in the list of vulnerable CPUs.

Since both consumer-grade and server-grade processors are affected, Zombieload can be exploited to gain access to data stored on your personal PCs as well as your data stored on cloud services.

Proof-of-concept Zombieload exploit code has been released to the public via GitHub.

How do you protect yourself?

Update. Intel has already worked with major hardware and software companies to push a microcode update. If you're on Windows or Linux, you should have received an update with the new security patch.

As for cloud services, all major cloud service providers including Google, Apple and Microsoft have already deployed the security updates to protect the affected processors.
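
On Linux, you can confirm that the update took effect by reading the status the kernel reports for MDS, the vulnerability class Zombieload belongs to. The script below is an added example, not part of the original article; it matches the status strings documented by the Linux kernel, and the category labels it prints are this example's own names.

```shell
#!/bin/sh
# Added example: classify the Linux kernel's MDS (Zombieload) status line.
# Kernels that carry the MDS patches expose the status at this sysfs path.
MDS_FILE=/sys/devices/system/cpu/vulnerabilities/mds

# classify_mds STATUS: map a kernel status string to a short label
# (the labels are this example's own, not kernel output).
classify_mds() {
    status=$1
    case $status in
        "Not affected"*)
            echo "not-affected" ;;
        "Mitigation: Clear CPU buffers"*)
            # Buffer clearing is active; hyper-threading can still leak
            # between sibling threads unless SMT is off or mitigated.
            case $status in
                *"SMT vulnerable"*)         echo "mitigated-smt-exposed" ;;
                *"SMT Host state unknown"*) echo "mitigated-smt-unknown" ;;
                *)                          echo "mitigated" ;;
            esac ;;
        "Vulnerable: Clear CPU buffers attempted, no microcode"*)
            # Kernel is patched but the CPU microcode update is missing.
            echo "needs-microcode" ;;
        "Vulnerable"*)
            echo "vulnerable" ;;
        *)
            echo "unknown" ;;
    esac
}

# check_mds [FILE]: classify the status in FILE (default: the sysfs path).
check_mds() {
    file=${1:-$MDS_FILE}
    if [ ! -r "$file" ]; then
        # No status file: the kernel predates the MDS patches (or not Linux).
        echo "no-kernel-support"
        return 0
    fi
    classify_mds "$(cat "$file")"
}

echo "MDS status: $(check_mds)"
```

A result of `needs-microcode` means the operating system patch is installed but the firmware or microcode package still needs updating; `no-kernel-support` means the kernel itself needs updating.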

Does the Zombieload patch affect performance?

Like Spectre and Meltdown, when Zombieload is patched there will be a performance impact. On consumer PCs, this will be about 3% and on server PCs the impact will be about 9%.
