Intel ZombieLoad vulnerability might expose sensitive data like passwords to hackers

1044

Intel has made an official announcement that all those processors manufactured by the company after 2011 are now vulnerable to ZombieLoad flaw which can expose sensitive data like passwords to hackers- similar to the ones seen in Meltdown and Spectre Vulnerabilities.

As per the security analysts, ZombieLoad flaw is critical and operates by exploiting design flaws in the making of Intel Chips throwing sensitive data to hackers.

Previously, Meltdown and Spectre flaws were seen in silicon chips manufactured by AMR and ARM companies. But the latest happens to be only present on Intel Processors.

Cybersecurity Insiders has learned that the latest flaw of Intel was discovered by a team of researchers from Austrian University, University of Michigan and University of Adelaide along with the University of Germany.

In its latest blog posts, Intel announced that it has taken note of the flaw giving a reference to a design flaw in Microarchitectural Data Sampling (MDS).

Hackers are said to be exploiting the flaw in the MDS program to read data that otherwise wouldn’t have possible to see.

Intel stated that under practical circumstances, the exploit of the vulnerability is tedious. And the company says that all the hardware which it produces in the future will be released after addressing the recently discovered vulnerability.

Intel said in its latest blog statement that it might roll out updates to operating systems and hypervisor software to fix the flaw. So, those using Intel chip loaded devices are requested to apply the fix for the flaws as soon as it gets released.

Note 1- In layman terms, the flaw could make hackers take control of data being transmitted to/from the chip at a given time.

Note 2- Those devices running on MacOS Mojave 10.14.5 versions have already been patched and the company is soon planning to issue updates to Sierra and High Sierra models by early next July.

Note 3- All Chrome devices are already protected from such attacks and so require no fix.

Note 4- Microsoft will be releasing a windows update to ZombieLoad flaw by this month.

Ad
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display