Wednesday, May 15, 2019

Meltdown Redux: Intel Flaw Lets Hackers Siphon Secrets from Millions of PCs | Wired

Also see Apple, Amazon, Google, Microsoft and Mozilla release patches for ZombieLoad chip flaws | TechCrunch
"Intel had asked all the researchers—who split into two groups working independently—to keep their findings secret, some for more than a year, until it could release fixes for the vulnerabilities. But at the same time, the company has sought to downplay the severity of the bugs, according to the researchers, who warn that the attacks represent a serious flaw in Intel's hardware that may require disabling some of its features, even beyond the company's patch. AMD and ARM chips don't appear to be vulnerable to the attacks, and Intel says that some models of chip it's released in the past month include a fix for the problem. Otherwise, all of Intel's chips that the researchers tested, going back as early as 2008, were affected. You can test if your system is affected with a tool the researchers published here.

Like Meltdown and Spectre, the new MDS attack takes advantage of security flaws in how Intel chips perform speculative execution, a feature in which a processor guesses ahead of time at what operations and data it will be asked to execute, in order to speed up the chip's performance."
Meltdown Redux: Intel Flaw Lets Hackers Siphon Secrets from Millions of PCs | Wired

No comments: