Zombieload is back

First discovered in May of this year, it was described as a successor to the infamous Meltdown attack. That was a data-leaking side-channel vulnerability that impacted all Intel processor generations from 2011 and beyond.

Intel hasn't had a good run of late, being beset almost constantly by these kinds of issues, and Zombieload was one of three new MDS variants discovered.

The company struggled to deal with the issue and finally resolved it, much to the relief of a beleaguered user base. Now, a new threat has emerged in the form of Zombieload 2.0. It was discovered by the same group of security researchers who discovered the initial Zombieload flaw, and the issue is being tracked as CVE-2019-11135.

The following chipsets are vulnerable

  • Ivy Bridge
  • Skylake-S
  • Kaby Lake
  • Kaby Lake-R
  • Coffee Lake-S
  • Coffee Lake-R
  • Broadwell-EP
  • Sandy Bridge-EP
  • Skylake-SP
  • And Cascade Lake

Intel has dubbed this issue as a "Transactional Synchronization Extensions Asynchronous Abort" vulnerability, or TSX TAA, for short. In order to exploit the flaw, the hacker has to be onsite with the machine and have the ability to monitor the execution time of TSX regions. That is, in order to infer memory state by comparing abort execution times.

The flaw impacts desktops, laptops and cloud computers running the affected chipsets. The limitations surrounding the issue make it relatively difficult (but certainly not impossible) to pull off, which is perhaps the only silver lining in the discovery.

Our perspective

The other bit of good news is this:  Intel has already released microcode patches to address the issue. So if you have a machine that's running one of the at-risk chipsets, you can get the fix right now. Although it's unlikely it could be used against you, patching the vulnerability is highly recommended.

 

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there! " ~

 

Meanwhile, check out this report

This free executive report may give you insights into how to build your business with safe IT environments: 10 Hidden IT Risks That Might Threaten Your Business and 1 Easy Way to Find Them

The author

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI am Denis Wilson, President and Principal Consultant for DWP Information Architects. I help professionals grow their business by building a foundation of rock-solid information solutions for smaller healthcare, insurance, financial, legal, and nonprofits firms in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations, as well as providing small business technology education programs through business and professional associations. This just in: I will be speaking regularly at California Lutheran University's Center for Nonprofit Leadership starting in September.

Contact me if you would like me to speak at your association.