The security researchers have found a set of new vulnerabilities in Intel. If these vulnerabilities are exploited, they are capable of stealing very sensitive information from the processors directly. These bugs are similar to the Meltdown and Spectre. The hackers will exploit the weakness of a processor via speculative execution and steal the data that it had.
ZombieLoad Will Help Hackers to Exploit The Processors due to Design Flaws without Injecting Malware
The researchers named these new bugs as ZombieLoad. The flaws in the design are enough for the hackers to get into the processor and steal all the information including sensitive data. Intel said that this ZombieLoad has four bugs and the security researchers have already brought those bugs to their notice.
All the computers that have Intel chips from 2011 are vulnerable for the attack. The ZombieLoad will leak the huge amounts of data when it is unable to understand how to perform an operation. This forces the processor to ask for help from the microcode.
Usually, the apps are capable of seeing only their own data but this bug gives a provision of seeing all the data that has been uploaded in the processor. Intel said that they have already released a patch for this issue.
The researchers made a video which clearly shows how the microcode can be used to get the data present in a processor. Not only PCs but the cloud is also vulnerable for this software. Daniel Gruss, one of the researchers who found this bug has stated that the flaws work similarly on the cloud as they are doing with the processors. Any information present in the cloud which can be accessible by the processor can also be accessed by the hackers.