Top Ad unit 728 × 90

Breaking News

random

Intel CPUs Released in Last 8 Years Impacted by New Zombieload Side-Channel Attack

Academics have discovered a new class of vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. From a report: The leading attack in this new vulnerability class is a security flaw named Zombieload, which is another side-channel attack in the same category as Meltdown, Spectre, and Foreshadow. Just like the first three, Zombieload is exploited by taking advantage of the speculative execution process, which is an optimization technique that Intel added to its CPUs to improve data processing speeds and performance. For more than a year, academics have been poking holes in various components of the speculative execution process, revealing ways to leak data from various CPU buffer zones and data processing operations. Meltdown, Spectre, and Foreshadow have shown how various CPU components leak data during the speculative execution process. Today, an international team of academics -- including some of the people involved in the original Meltdown and Spectre research -- along with security researchers from Bitdefender have disclosed a new attack impacting the speculative execution process. This one is what researchers have named a Microarchitectural Data Sampling (MDS) attack, and targets a CPU's microarchitectural data structures, such as the load, store, and line fill buffers, which the CPU uses for fast reads/writes of data being processed inside the CPU. [...] In a research paper published today, academics say that all Intel CPUs released since 2011 are most likely vulnerable. Processors for desktops, laptops, and (cloud) servers are all impacted, researchers said on a special website they've set up with information about the Zombieload flaws.

Read more of this story at Slashdot.



from Slashdot http://bit.ly/2JlB8Sl
Intel CPUs Released in Last 8 Years Impacted by New Zombieload Side-Channel Attack Reviewed by Unknown on 00:02 Rating: 5

No comments:

Contact Form

Name

Email *

Message *

Powered by Blogger.