'ZombieLoad' vulnerability in Intel processors puts data in danger on Mac

Posted in macOS, edited May 14
Yet another major flaw has been discovered in practically all of Intel's processors released since 2011, with a new class of discovered vulnerabilities that could allow sensitive information to be stolen from the processor, in an issue likened to the Meltdown and Spectre fiasco.




A number of researchers who found the Meltdown and Spectre chip flaws, which affected nearly all iOS and macOS devices, have found more flaws in Intel's processors. The vulnerabilities used problems with the way processors were designed to enable attackers to acquire data temporarily stored on the processor, including sensitive user data being used for tasks.

Some of those researchers have detailed a new side-channel attack called "ZombieLoad," which can potentially pull off the same trick of exploiting design flaws in an Intel processor, reports TechCrunch.

Unlike Meltdown and Spectre, the issue only lies with Intel processors, leaving AMD and ARM chips unaffected. This means that only Macs released since 2011 are at risk of the issue, and iPhones, iPads, and others using A-series processors are fine.

ZombieLoad is named after the "zombie load" used in the attack, namely a large amount of data provided to the processor that it cannot properly process. When encountering the issue, the processor refers to its microcode to prevent a crash.





While in normal cases an app can only see its own data, the flaw means that data can bleed across to other apps, and in the case of ZombieLoad, will leak all data loaded into the processor's core. It isn't clear if exploits are available in the wild, but they would not be "drive-by" attacks, and would have to rely on maliciously coded software to leverage.

A proof of concept attack video shows how the flaw could be abused to monitor websites that a victim is reading. This is also possible despite normal efforts to obfuscate the activity, including using the privacy-focused Tor browser running within a virtual machine.

As virtual machines can be affected, this means the issue also applies to enterprise users who host multiple virtual instances on servers. An attacker would have the opportunity to acquire data from many active virtual machines simultaneously in such cases, making it potentially dangerous.

Intel advised patches to the microcode will fix the issue, clearing buffers so no data could be read. Microcode patches have been created for Intel Xeon, Broadwell, Sandy Bridge, Skylake, and Haswell chips, but processors including Kaby Lake, Coffee Lake, Whiskey Lake, and Cascade Lake chips, and all Atom and Knights variants, are also affected.

Apple has already patched the issue in Safari with no measurable performance hit in its release of macOS Mojave 10.14.5 on Monday. A 40-percent reduction in performance may be experienced by those who elect to apply the full mitigation, as it would involve the disabling of hyper-threading, though most users may wish to avoid going down this route.

"The Mojave patch from Monday has robust protections for MDS vulnerabilities. If users feel that they are at a high-risk for related attacks, we've enabled the ability to turn off hyper-threading in total in Mojave, Sierra, or High Sierra," a source within Apple corporate not authorized to speak on behalf of the company told AppleInsider. "There are no 'in the wild' exploits at this time for macOS, and we aren't expecting any."

Apple does advise that there are some models that are not able to include the fixes due to a lack of microcode updates from Intel. The list of unsupported Mac models largely consists of MacBook, MacBook Air, MacBook Pro, iMac, Mac Pro, and Mac mini models released between 2009 and 2010.

Comments

  • Reply 1 of 22
    ARM processors on Macs in 5-4-...
  • Reply 2 of 22
    k2kwk2kw Posts: 1,767member
    ARM processors on Macs in 5-4-...
    So ready for it.   Just hope Supreme Court doesn’t mess things up with App Store ruling
  • Reply 3 of 22
    DAalsethDAalseth Posts: 685member
    ARM processors on Macs in 5-4-...
    Agreed. I was dubious, but between these vulnerabilities that keep cropping up, and Intel's ever slipping delivery dates, yes, A Series processors are looking better and better.
  • Reply 4 of 22
    22july201322july2013 Posts: 741member
    How do I determine which class of intel chip is in each of my Macs?
  • Reply 5 of 22
    How do I determine which class of intel chip is in each of my Macs?
    One solution, there may be simpler ones I guess:
    1. Open a terminal, then paste this command (without quotes):
    "sysctl -n machdep.cpu.brand_string"
    2. On the search engine of your choice, search for (without quotes):
    "ark.intel.com string_returned_by_previous_command"
    Example: ark.intel.com Intel(R) Core(TM) i7-4558U CPU @ 2.80GHz
    The first links will direct you to your CPU product sheet which contains the information you need (towards the top).

    EDIT: formatting.
    edited May 14
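Added example, not part of the thread: the terminal step from Reply 5 as a script that reads the Core generation out of the brand string and, because the article's full mitigation is turning off hyper-threading, also reports whether it is currently active. `hw.physicalcpu` and `hw.logicalcpu` are macOS sysctl keys not mentioned on the page; the function names and the generation-to-family table are this example's own, and the table is an assumption that holds only for mainstream Core parts.

```shell
#!/bin/sh
# Added example, not from the thread.

# core_generation BRAND: generation of a Core i3/i5/i7/i9 part, read from the
# model number after the hyphen; "unknown" for Xeon, Core 2, Atom and others.
core_generation() (
    model=$(printf '%s\n' "$1" | sed -n 's/.*i[3579]-\([0-9]\{4,5\}\).*/\1/p')
    case $model in
        1*)     printf '%s\n' "$model" | cut -c1-2 ;;  # 10910 -> 10
        [2-9]*) printf '%s\n' "$model" | cut -c1 ;;    # 4558  -> 4
        *)      echo unknown ;;
    esac
)

# family_name GEN: family for mainstream laptop/desktop parts only (assumption);
# high-end desktop and Xeon parts do not follow it, so confirm on ark.intel.com.
family_name() {
    case $1 in
        2) echo "Sandy Bridge" ;;
        3) echo "Ivy Bridge" ;;
        4) echo "Haswell" ;;
        5) echo "Broadwell" ;;
        6) echo "Skylake" ;;
        7) echo "Kaby Lake" ;;
        *) echo "check ark.intel.com" ;;  # 8th gen onward spans several families
    esac
}

# smt_state PHYSICAL LOGICAL: hyper-threading shows as more logical than physical cores.
smt_state() {
    if [ "$2" -gt "$1" ]; then echo on; else echo off; fi
}

# classify BRAND PHYSICAL LOGICAL: one summary line.
classify() {
    gen=$(core_generation "$1")
    printf 'gen=%s family=%s smt=%s\n' "$gen" "$(family_name "$gen")" "$(smt_state "$2" "$3")"
}

# On a Mac, feed in the live values; elsewhere call classify by hand.
if [ "$(uname -s)" = Darwin ]; then
    classify "$(sysctl -n machdep.cpu.brand_string)" \
             "$(sysctl -n hw.physicalcpu)" "$(sysctl -n hw.logicalcpu)"
fi
```

A result of `smt=on` after choosing the full mitigation means hyper-threading is still enabled.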
  • Reply 6 of 22
    mknelsonmknelson Posts: 362member
    How do I determine which class of intel chip is in each of my Macs?
    "About This Mac" in the Apple Menu (and the System Report) can get you the model number. You can use Mac Tracker to get the exact processor model by referencing your hardware.
  • Reply 7 of 22
    cornchipcornchip Posts: 1,361member
    reason to not upgrade my '09 8-core to 2012 chips?
  • Reply 8 of 22
    knowitallknowitall Posts: 1,419member
    Turn off hyper-threading ...
    Not a fan of this Intel technology because it's one and a half core (instead of two).
    Now it's clear that this is a real bad design decision bleeding data ...
    The end of Intel I think.
  • Reply 9 of 22
    seanismorrisseanismorris Posts: 1,028member
    knowitall said:
    Turn off hyper-threading ...
    Not a fan of this Intel technology because it's one and a half core (instead of two).
    Now it's clear that this is a real bad design decision bleeding data ...
    The end of Intel I think.
    A 40% difference between hyper-threading on vs. off is huge.  

    I can't say it’s a bad design decision, but more likely it wasn’t implemented correctly.  The predictive component of processors isn’t going to go away, but they do need more sandboxing.  Processors are experiencing “growing pains” with regards to security.  I do think ARM chips are going to have an advantage over Intel long term.  The question is will Apple’s approach work best.  They’re kind of branching away from the base design and that may open them up to new security issues that affect only them.
  • Reply 10 of 22
    emoelleremoeller Posts: 453member
    Non-issue if you have updated to MacOS 10.14.5 yesterday as Apple included the fix in that update.
  • Reply 11 of 22
    chasmchasm Posts: 1,643member
    As Emoeller pointed out, update to the latest Mojave and carry on. If you can’t update to Mojave, it is well past time for you to upgrade your hardware. This doesn’t require buying a brand new Mac — my Mojave machine is a 2012 MBP, and this machine is almost certainly going to run 10.15 when that comes out (though I will have moved on most likely by that point, but the point stands).

    My pro tip for people who have been content using a 10-year-old Mac — your next “Mac” should probably be an iPad and keyboard, unless you’re reliant on Mac-exclusive software.
  • Reply 12 of 22
    DAalsethDAalseth Posts: 685member
    chasm said:
    My pro tip for people who have been content using a 10-year-old Mac — your next “Mac” should probably be an iPad and keyboard, unless you’re reliant on Mac-exclusive software.
    Agreed. I have a 2016 iMac and it could very well be my last Mac. Most of my writing, artwork, photo editing, graphics, and video editing is on my iPad Pro. More and more my Mac is an anachronism. I can see in another three or so years when it comes time to retire it, just using my iPad with an external monitor and keyboard/mouse when I'm at home.
  • Reply 13 of 22
    lkrupplkrupp Posts: 7,162member
    I’ll sleep under my bed tonight I’m so scared. If you read the articles about this fully you find out that exploiting these flaws takes high level expertise and skill, something only state actors would be capable of. So if you are not a spy or CIA you probably don't have to worry much about it. Meanwhile we Joe-Six-Packs can continue browsing Xhamster.com without fear of being hacked by these flaws. Same went for the original Meltdown and Spectre flaws that have disappeared from tech radar.
  • Reply 14 of 22
    coolfactorcoolfactor Posts: 1,505member
    The timing is interesting. Apple releases 10.14.5 at the same time this vulnerability is exposed. I wonder if there was an agreement in place between the researchers and Apple? And didn't Microsoft just release a number of fixes for Windows this week?

    Curious why only Safari was patched. I figured it would be a system-level fix. What about Chrome, Firefox and other browsers running on a Mac? Are they still susceptible until they incorporate fixes?

  • Reply 15 of 22
    StrangeDaysStrangeDays Posts: 8,277member
    How do I determine which class of intel chip is in each of my Macs?
    One solution, there may be simpler ones I guess:
    1. Open a terminal, then paste this command (without quotes):
    "sysctl -n machdep.cpu.brand_string"
    2. On the search engine of your choice, search for (without quotes):
    "ark.intel.com string_returned_by_previous_command"
    Example: ark.intel.com Intel(R) Core(TM) i7-4558U CPU @ 2.80GHz
    The first links will direct you to your CPU product sheet which contains the information you need (towards the top).
    Quicker way:

    format C: /y
  • Reply 16 of 22
    gatorguygatorguy Posts: 20,904member
    The timing is interesting. Apple releases 10.14.5 at the same time this vulnerability is exposed. I wonder if there was an agreement in place between the researchers and Apple? And didn't Microsoft just release a number of fixes for Windows this week?

    Curious why only Safari was patched. I figured it would be a system-level fix. What about Chrome, Firefox and other browsers running on a Mac? Are they still susceptible until they incorporate fixes?

    Google has already taken steps to protect Chromebooks today, while Chrome OS 75 next month includes additional mitigation. On Apple devices the Chrome browser depends on Apple for a fix just as on Windows machines it's dependent on a Microsoft fix. 
  • Reply 17 of 22
    Mike WuertheleMike Wuerthele Posts: 4,763administrator
    If you can't see your comment, refer to the commenting guidelines.
  • Reply 18 of 22
    Johan42Johan42 Posts: 163member
    ARM processors on Macs in 5-4-...
    ARM sucks donkey balls so I don’t know why you’d want that in a Mac. All you’ll ever gain, if anything, is a small increase in battery life over Intel’s more powerful X86.
  • Reply 19 of 22
    uroshnoruroshnor Posts: 83member
    Johan42 said:
    ARM processors on Macs in 5-4-...
    ARM sucks donkey balls so I don’t know why you’d want that in a Mac. All you’ll ever gain, if anything, is a small increase in battery life over Intel’s more powerful X86.
    The A12X in the iPad Pro is faster than the intel CPUs in about 90-95% of the x86 PCs sold at the moment. There are only 4 Mac CTO configs faster than the iPad Pro.
  • Reply 20 of 22
    How do I determine which class of intel chip is in each of my Macs?
    One solution, there may be simpler ones I guess:
    1. Open a terminal, then paste this command (without quotes):
    "sysctl -n machdep.cpu.brand_string"
    2. On the search engine of your choice, search for (without quotes):
    "ark.intel.com string_returned_by_previous_command"
    Example: ark.intel.com Intel(R) Core(TM) i7-4558U CPU @ 2.80GHz
    The first links will direct you to your CPU product sheet which contains the information you need (towards the top).
    Quicker way:

    format C: /y
    No BATCH please!!  :s