Intel launched the ninth generation of Intel Core H-series mobile processors in April. It sold its virtues: improved performance and increased responsiveness but just a few months later a new vulnerability has appeared in this company’s processors.
This vulnerability allows the processor architecture to be used to steal information from devices, including browsing history. In addition, the vulnerability, which they have called ZombieLoad, makes processors slower.
The researchers who discovered it, from the University of Graz (Austria) and the Catholic University of Leuven (Belgium), define this new type of threat as an attack by microarchitecture of data sampling. Bitdefender explains that the problem overrides processor protections and allows unprivileged user mode applications to steal information processed by core mode memory from the computer.
Does this vulnerability affect your computer’s processor?
It seems so. According to TechCrunch, ZombieLoad is present in most Intel processors manufactured since 2011, since they use SGX security extensions, a software architecture that manages processor hardware permissions. As with the Meltdown attack, Intel’s processor architecture allows potential attackers to access values, such as the chip’s cache, which allows them to obtain and filter sensitive information from the affected device such as its browsing history, ‘reliving’ it through parallel channel techniques.
Intel assures that the vulnerability in microarchitecture “is already addressed at the hardware level” in many of his recent eighth and ninth generation Intel Core processors, as well as in the 2nd Generation Intel Xeon family of scalable processors.
For the rest of the products affected by ZombieLoad, Intel has encouraged users to keep their systems up to date, assuring that a security patch has been distributed this Wednesday.