ZombieLoad vulnerability in Intel chips since 2011

SpyderTracks

SpyderTracks

We love you Ukraine
This needs some attention, would highly recommend everyone install the latest Windows patches, and if you can, find the dedicated Microcode updates from Intel.

techcrunch.com

New secret-spilling flaw affects almost every Intel chip since 2011 | TechCrunch

Security researchers have found a new class of vulnerabilities in Intel chips which, if exploited, can be used to steal sensitive information directly
techcrunch.com techcrunch.com

gizmodo.com

What To Do About the Nasty New Intel Chip Flaw

An entire class of vulnerabilities in Intel chips allows attackers to steal data directly from the processor, according to new reports from a group of cybersecurity researchers from around the world. Intel, Apple, Google and Microsoft among other tech giants have released patches to address the...
gizmodo.com gizmodo.com

www.zdnet.com

How to test MDS (Zombieload) patch status on Windows systems

PowerShell script tells you if your Windows OS is safe from MDS attacks.
www.zdnet.com www.zdnet.com

Yet another serious flaw in Intel chips, and the patches will again have a negative impact on performance, currently estimated around 3% for normal windows users, up to 9% for datacenters and virtualised instances.

In itself, it doesn't seem that bad, but factor in Spectre and Meltdown patches, and we're looking at performance loss over 20%.

This is totally unacceptable.

I won't be buying Intel again until they address these flaws at the hardware level. Remember, even 9th Gen still doesn't patch the Spectre/Meltdown vulnerabilities, they've not done any redesign to mitigate those flaws.

Totally unacceptable imho.
 
Last edited:
ubuysa

ubuysa

The BSOD Doctor
AFAIK this new vulnerability is Intel only, however the 'speculative execution' technique that is the root of both this and the earlier vulnerabilities, is not unique to Intel. Whilst I know next to nothing about the internals of modern CPUs I rather suspect that we've not heard the last of either hyper-threading nor speculative execution vulnerabilities from either Intel nor AMD. Both techniques require the processor chip to store a lot of status for the thread that's not executing or, in the case of speculative execution, the thread that may execute, and access to that saved status needs to be very tightly controlled. Both techniques are designed to improve throughput so any mitigation, or redesign for future chips, is likely to have a throughput impact. Once again, there is no such thing as a free lunch.

To be fair to Intel, you need to already have allowed malware to execute on your computer in order for it to exploit these vulnerabilities, so your best defense is to keep malware out of your computer, the guidelines for doing that are well-known.

I agree with SpyderTracks that keeping Windows and the microcode patched is essential, but safe operating practices are just as important.

The most insecure component of any computer is the end user - especially if you login with an administrator account....
 
polycrac

polycrac

Rising Star
I'm a bit confused about the hyperthreading aspect (see link and the update at the end). If the mitigation is going to limit hyperthreading it makes the Intel/AMD divide even starker for multithreaded workloads:

www.google.com

Intel ZombieLoad flaw forces OS patches with up to 40% performance hits

Disabling hyper-threading may be the only way to protect a computer against the latest Intel chip flaw, at a huge cost to performance.
www.google.com www.google.com

Has anyone found comprehensive benchmarks with the mitigations in place?
 
SpyderTracks

SpyderTracks

We love you Ukraine
polycrac said:
I'm a bit confused about the hyperthreading aspect (see link and the update at the end). If the mitigation is going to limit hyperthreading it makes the Intel/AMD divide even starker for multithreaded workloads:

www.google.com

Intel ZombieLoad flaw forces OS patches with up to 40% performance hits

Disabling hyper-threading may be the only way to protect a computer against the latest Intel chip flaw, at a huge cost to performance.
www.google.com www.google.com

Has anyone found comprehensive benchmarks with the mitigations in place?
Click to expand...
I don't think they've done benchmarks yet, this was only just announced yesterday.

I'd watch out for GamersNexus, Linus and Hardware Unboxed, they're usually pretty quick to the mark.

But yes, this will put a strain on Intel's performance dominance and put Zen 2 even further ahead.

I have no problem with these vulnerabilities being found in the architecture, it's bound to happen. It's Intels approach to the solution that really really bugs me. They flat out lied to consumers about the impact of the Spectre/Meltdown mitigations and even when confronted, tried to spin the bad news. I'll be interested to hear what they say about this, but I have no doubt it will be another sidestep, if not then a complete flat out misrepresentation. I hope I'm proved wrong.
 
ubuysa

ubuysa

The BSOD Doctor
I've just received Windows 10 update KB4494441 which contains mitigation for some of the latest MDS attacks (https://support.microsoft.com/en-us/help/4494441/windows-10-update-kb4494441).

Depending on whether you trust sites like this, there is a MDS tool that will show you what your CPU is vulnerable to via https://www.ghacks.net/2019/05/15/m...microarchitectural-data-sampling-attacks-mds/. Attached is the output from mine (the green border is because it's running in my sandbox).

FWIW I have now disabled hyperthreading in my BIOS (I know that's not a complete solution), I really don't need it for what I do in any case and I'll await the BIOS updates from Asus....
 

Attachments

  • MDS tool output.jpg
    MDS tool output.jpg
    200.6 KB · Views: 301
debiruman665

debiruman665

Enthusiast
I remember when people used to deride conspiracy theorists when they said Intel chips had a tonne of backdoors at the hardware level. They must really feel vindicated now.
 
ubuysa

ubuysa

The BSOD Doctor
debiruman665 said:
I remember when people used to deride conspiracy theorists when they said Intel chips had a tonne of backdoors at the hardware level. They must really feel vindicated now.
Click to expand...
:D

I think these unexpected vulnerabilities demonstrate quite the opposite. If they can't even get throughput improvements working properly then what hope is there that they could ever really hide a backdoor!

TBH I don't think we should be surprised at this, innovation has always been 'two steps forward and one step back'. As we strive for more performance and better throughput in computing it's become a sad fact of life that we have to also consider how developments can be misused and that's rather like trying to prove a negative. You're asking the designers not just to find ways of making things faster but to ensure the new features work only as intended. The 'law of unintended consequences' quite often jumps up to bite you unfortunately.

I think we need always to remember that 'the man who never made a mistake never made anything'. What would you say to the person who invented the wheel for example, now that we know that it kills millions and millions of people through being used in ways he (or she) never envisaged at the time?
 
You must log in or register to reply here.
Top