Security researches have recently discovered a new vulnerability in Intel chips. According to a report, almost all chips produced since 2011 are vulnerable to these attacks. The new vulnerability goes by the name ZombieLoad. It is similar to the Meltdown and Spectre features found in the Intel chip last year.
According to Intel, the macOS 10.14.5 update arrived with a proper fix to these vulnerabilities. ZombieLoad is a mixture of four vulnerabilities, rooted in “speculative execution” and “out-of-order execution”. As per the researchers, the entire data loaded by the processor core is compromised at the hands of ZombieLoad.
ZombieLoad – How do hackers benefit from this?
The reason behind this is similar to the previous Meltdown and Spectre features, due to chip design flaws. By successfully exploiting this design flaw, hackers can perform side-channel attacks on Intel chips. Not just offline, the affected laptops are also vulnerable to attacks in the cloud. It is told that the vulnerability, ZombieLoad, can be triggered in a virtual machine. Being as powerful, it breaks the original isolation between the virtual machine, other virtual systems and their host devices.
There are currently no public examples of malicious use of zombie payloads, but updating Mac software is still a good idea. Intel has released a microcode update, and the microcode patch will encapsulate the data from being read. Apple also implemented these updates in yesterday’s macOS 10.14.5, and Apple also provided ZombieLoad with security updates for the macOS High Sierra and macOS Sierra versions.