ZombieLoad attack lets hackers steal data from Intel chips

Check your updates.

A newly discovered security flaw in Intel processors allows attackers to steal any data that’s been recently accessed by the processor. That even holds true on cloud servers, which could allow an attacker to steal information from other virtual machines running on the same PC.

It’s not known whether the attack, dubbed ZombieLoad, has been used by malicious hackers. The flaw was discovered by researchers from Graz University of Technology and was disclosed to Intel. Intel has issued code to patch the flaw, though it has to be implemented by individual manufacturers and then installed by users before everyone is protected.
The flaw affects almost every Intel chip since 2011, according to TechCrunch. Wired reports that Apple and Google have already issued updates, while Microsoft announced the availability of updates today. Attackers have to be able to run code on a machine in order to take advantage of ZombieLoad, so this isn’t a flaw everyone is imminently at risk from.

Intel says that its two most recent generations of Core processors prevent against this type of attack, …

More at – theverge.com