Dutch researchers find major vulnerability in Intel chips

New security flaw in Intel chips could affect millions

Intel processors hit with another serious security flaw impacting millions of PCs

The leak covered all Intel processors made since 2008 and would have been extremely easy to abuse, the researchers say. They could be used to get passwords or access tokens.

Those who discovered the attacks include researchers from the Austrian university TU Graz, Vrije Universiteit Amsterdam, the University of MI, the University of Adelaide, KU Leuven in Belgium, Worcester Polytechnic Institute, Saarland University in Germany and Cyberus, BitDefender, Qihoo360 and Oracle, Wired says. It is this process that the bug exploits to let data bleed across boundary walls.

Farmer amputates his leg with pocket knife to save own life
The father-of-three spent a week in hospital, and two weeks at a rehabilitation facility, before being released last Friday. Once his leg is healed, he'll be fitted for a prosthetic and should be able to walk again.

Reminiscent of Meltdown and Spectre, Zombieload exploits a weakness in speculative execution.

"Ever since Meltdown/Spectre, if not before, researchers have been going over every micro-architectural enhancement from the past 40 years and assessing them as side-channel targets", said Joe FitzPatrick, an instructor and researcher at SecuringHardware.com, a training site. Odds are we will be fixing a number of small things in this area for the next few weeks as things shake out on real hardware and workloads. Like Meltdown and Spectre, ZombieLoad is only thought to affect Intel processors, so devices running on AMD or ARM processors (such as smartphones and tablets) shouldn't be vulnerable. This would be a drastic step to take for ordinary consumers, but enterprise and datacentre customers with lots of sensitive information stored may want to consider it, although it will come at the cost of performance. In Intel's own words, four processor architecture features (Store buffers, Load ports, Fill buffers, and Uncacheable memory) on processors which utilise speculative execution "may allow an authenticated user to potentially enable information disclosure via a side channel with local access".

Les soeurs Williams se retrouvent à Rome... 21 ans plus tard!
Elise Mertens peut nourrir des regrets après sa 4e défaite dès son entrée en lice en cinq tournois joués sur terre battue cette saison. " C'est fou .

Of course, hackers need to have some way to run code on a targeted machine before the MDS vulnerabilities can be exploited so their severity might not be relevant to people who keep their PC under lock and key.

The video above shows "how an attacker can monitor the websites the victim is visiting despite using the privacy-protecting Tor browser in a virtual machine".

Aston Villa hold nerve in penalty shoot-out
Steer was the hero though, saving penalties from Mason Holgate and Ahmed Hegazi, as Tammy Abraham scored the winning penalty. With no away goal applicable, extra time reined in as Johnstone parried a low shot 110 minutes in from Jack Grealish.

Latest News