Another CPU Vulnerability: ZombieLoad Attack

Forum Moderators: open

Message Too Old, No Replies

Another CPU Vulnerability: ZombieLoad Attack

brotherhood of LAN

7:57 am on Nov 13, 2019 (gmt 0)

We disclosed Variant 2 to Intel on April 23th, 2019, and communicated that the attacks work on Cascade Lake CPUs on May 10th, 2019. On May 12th, 2019, the variant has been put under embargo and, thus, has not been published with the previous version of our ZombieLoad attack on May 14th, 2019.

https://zombieloadattack.com/

[edited by: engine at 9:52 am (utc) on Nov 13, 2019]
[edit reason] adding context [/edit]

engine

9:58 am on Nov 13, 2019 (gmt 0)

Just updating this new ZombieLoad CPU vulnerability, apparently, it affect PCs and can be exploited on cloud-based systems.

The recommendation is to update your OS.

Here's Intel's security advisory [intel.com...]

Deep Dive: Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort [software.intel.com]

Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort / CVE-2019-11135 / INTEL-SA-00270 [software.intel.com]

Kendo

12:27 am on Nov 14, 2019 (gmt 0)

Dunno if this is related or not but I found that our Windows server was running at 100% CPU activity most of the time causing sites to time out. Tracked it down to the DNS server that we had running in that server. Have since relocated that DNS service and shut down DNS on that Windows server.... server now running at 3-5% CPU activity all the time.

tangor

3:12 am on Nov 14, 2019 (gmt 0)

Oh, Goody! New Fun Things To Mess Around With when I need to be working on something else. :)

Sigh.

engine

11:14 am on Nov 14, 2019 (gmt 0)

I just realised that three of the machines I have are AMD. I've not heard of any issues there.