Researchers have discovered new vulnerabilities in Intel chips that let attackers steal data. How they work and how dangerous they are

The problem affects almost all processors of the company since 2011.

On the night of May 15, researchers from Graz University of Technology, together with Intel, disclosed new critical vulnerabilities in the company’s processors. They are called Microarchitectural Data Sampling (MDS) and allow data to be extracted from the processor core in at least four different ways.

How the vulnerabilities work and whom they affect

Like the “Chipocalypse” of January 2018, the new vulnerabilities stem from the speculative execution technology built into Intel processors. The chip tries to predict which code will be executed next, and for the sake of speed it does so without the necessary security checks.

Whereas the Spectre and Meltdown attacks exploited the processor’s cache, MDS lets attackers read the chip’s internal memory buffers and obtain information the chip has recently accessed. To do so, they simply need to plant an application or run JavaScript code on the victim’s computer.

The problem affects almost all Intel processors released since 2011, including those in servers and cloud systems. Intel does claim, however, that 8th- and 9th-generation processors are protected against MDS attacks in hardware, as will be all future models.

The researchers found four possible attacks based on MDS. ZombieLoad is considered the most dangerous: the others either work in conjunction with other attacks or require more complex manipulation.

MDS-based attacks

  • ZombieLoad – overloads the processor with tasks so that it starts falling back on its buffers. Attackers can then access any data in the processor cores, for example the user’s browsing history;
  • RIDL – intercepts data on the fly as the processor loads or stores information. Requires running malicious code on the victim’s computer, for example via JavaScript on a website or in an advertisement;
  • Fallout – reads data that the operating system has just written and amplifies other attacks;
  • Store-To-Leak Forwarding – uses the store buffer and processor optimizations to defeat address randomization, track the operating system, or extract data in combination with a Spectre attack.

Is it possible to defend against them, and what are the consequences?

Intel cannot fix the problem on its own; operating system developers have to do it. Apple, Google, Microsoft and the Linux developers have already updated their systems. The best thing users can do is install the latest updates.

Journalists and Intel itself do not consider the MDS attacks a critical vulnerability because they are complex to carry out and require physical access to devices. According to the company, the updates will slow processors down by at most 3%, and server chips by up to 9%. In most cases, users will not notice any change during normal computer use.

Researchers expect to find more vulnerabilities of this kind.

MDS is the second major group of vulnerabilities tied to speculative execution to be found in Intel processors in two years. Researchers fear the technology may continue to be a source of weak points.

To reduce the chances of these vulnerabilities being exploited, cybersecurity experts advise disabling Hyper-Threading. The technology creates virtual processor cores and boosts performance, but it is also the target of the ZombieLoad attack.

Google has already turned off Hyper-Threading by default in Chrome OS 74. Other vendors, including Apple and IBM, also recommend not using the mode but do not disable it by default. Intel does not recommend disabling Hyper-Threading because of the performance impact.
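An added example, not from the article or any vendor: a small POSIX shell check of how a Linux host stands against the advice above. It reads the kernel’s own MDS mitigation report and the SMT (Hyper-Threading) control state from sysfs (the real kernel interface on Linux 5.1 and later); the exact status strings matched are assumed from the kernel’s admin-guide documentation for MDS.

```shell
#!/bin/sh
# Added example: summarize the kernel's MDS mitigation report and the
# Hyper-Threading (SMT) state. Sysfs paths are the real kernel interface;
# the status strings below are assumed from the kernel's MDS admin guide.

MDS_FILE=/sys/devices/system/cpu/vulnerabilities/mds
SMT_FILE=/sys/devices/system/cpu/smt/control

# classify_mds "<mds report line>" "<smt control value>"
# Prints one of: not-affected | mitigated | mitigated-smt-on | vulnerable | unknown
classify_mds() {
    mds="$1"
    smt="$2"
    case "$mds" in
        "Not affected"*)
            echo not-affected ;;
        "Vulnerable"*)
            # also covers "Vulnerable: Clear CPU buffers attempted, no microcode"
            echo vulnerable ;;
        "Mitigation:"*)
            # Buffers are cleared on context switch, but with SMT enabled a
            # sibling thread can still observe data: this is the case the
            # Hyper-Threading advice in the article is about.
            case "$mds:$smt" in
                *"SMT vulnerable"*|*":on") echo mitigated-smt-on ;;
                *)                          echo mitigated ;;
            esac ;;
        *)
            echo unknown ;;
    esac
}

# read_first_line FILE: first line of FILE, or "unknown" when it is absent
# (non-Linux host, older kernel, or restricted container)
read_first_line() {
    if [ -r "$1" ]; then head -n 1 "$1"; else echo unknown; fi
}

mds_line=$(read_first_line "$MDS_FILE")
smt_state=$(read_first_line "$SMT_FILE")
echo "mds: $mds_line"
echo "smt: $smt_state"
echo "status: $(classify_mds "$mds_line" "$smt_state")"
```

A result of `mitigated-smt-on` means the microcode and kernel update are in place but Hyper-Threading is still enabled, which is exactly the configuration the experts quoted above advise against.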
