Just when you thought Intel processor chips are safe, another major security flaw is discovered affecting all computers, but especially cloud hosting servers. Zombieload as it is baptized, is a side-channel attack that targets specifically Intel processors dating all the way back to 2011. Thanks to the team of researchers from the Graz University of Technology, Intel has come up with a code to patch the vulnerability. However installation of the patch depends on individuals and manufacturers.
So what is all the hoopla surrounding Zombieload, which incidentally has its own logo.
What’s in a Name
Zombieload might sound like a bad horror movie. But it actually comes from the technical term “zombie load” that refers to data that the processor can’t understand or compute properly. This causes the processor to seek the help from the microcode to prevent a crash. Normally apps can only see their own data but Zombieload surpasses all barriers, allowing data to leak across boundaries from the processor.
Zombieload or Micro-architectural Data Sampling (MDS) involves exploiting a design flaw in the Intel processors that makes it open to sophisticated hackers. The researchers from the Graz University can show in real time how you can easily manipulate the Intel chip to see websites a user is visiting. This vulnerability can be further exploited to gain access to sensitive data stored in the processor like passwords, secret key and account tokens as well as private messages.
In all practicality the security flaw has been caught in time since no attacks are reported, however the research team can’t entirely rule out the possibility. The problem being there is a likely scenario that an attack might not have left a notable trace.
Earlier in the year Intel processors were in the line of fire for Spectre and Meltdown that exploited a weakness in the speculative execution of the processor. Daniel Gruss, who is part of the research team says Zombieload is by far the easiest than Spectre, but harder to exploit than Meltdown. However the team also acknowledge that there are better ways to take control of a computer than via these flaws.
How it Effects the Cloud Environment
Cloud servers that use the Intel chip as part of their hardware are open to security attacks. The potential to do harm is immense once you think about how cloud networks are setup. User data is easily accessible to malicious hackers as the virtual machines all run on the same server hardware. The method of deployment can be as simple as malicious code compiled in an app or delivered as malware.
Intel Processors Affected
- Intel Xeon
- The Intel Broadwell
- Sandy Bridge
- Skylake and Haswell
- Kaby Lake
- Coffee Lake
- Whiskey Lake
- Cascade Lake
- Atom and Knight
Hosts Caught in the Middle
Operating systems too have been in left in the lurch due to flaw in the Intel chips. Programs running on servers like Apple, Windows, Android, Linux and Chrome are all vulnerable as they can be used to gain access to the processor. This has left hosts weak against attacks. Thankfully the giants of the industry have banded together to create patches that will plug the leak.
Patch Availability for Zombieload
The patch is a workable plan to combat the Zombieload disaster. Corrective actions are in place to prevent such problems in the future. Full or partial mitigation are also deployed to cloud servers to help them be safe.
Apple has said that iPhone, iPads and the Apple Watch doesn’t require a path. However if you are using Sierra or High Sierra then the patch will seal the deal. MacOS Mojave however won’t need the patch installed as it will already have the patch when released on Monday.
Microsoft vouches to make the patch available via Windows update protocol. Releasing on Tuesdays, the patch for the OS will help even vulnerable computers. On the hosting front, Microsoft Azure assures all customers that the protective patch for the Zombieload bug is in place.
Google also has made confirmations about the release of patches to combat against Zombieload attacks. Android devices not running the Intel chip are safe, along with Chrome OS devices like the Chromebooks. And to show the world that it truly thinks ahead in time, all customers on Google Cloud have the patch.
Amazon too says they are safe from such attacks. The Amazon Web Services (AWS) servers all have the patches to prevent malicious attacks.
Pitfalls of the Patch
The patch has brought about a giant relief, but unfortunately it also has some bad news. Intel processors for years have flaunted their proprietary HyperThreading technology on the pricey i7s and i9s. However according to Apple deploying full mitigation protocols against Zombieload comes at a hefty 40% decrease in performance.
Intel’s own benchmarks however refute this by claiming only marginal decrease is observable. The company’s own in-house testing, a Core i9 9900K with HyperThreading functionality drops 3%. But by disabling the HyperThreading, there is a much noticeable 9% drop.
Disabling HyperThreading impacts performance tremendously, which is why Intel doesn’t recommend everyone do this. Only in certain instances do you need to totally shut down the revolutionary speedster. The discretion of the hosting company comes into play here, but user data security is also top priority.
Aspiration Hosting Pledge
Well aware of the guffaw caused by the Intel chip Zombieload flaw, the big shots at Aspiration Hosting are working on a patch and repair work. Users using the cloud hosting and dedicated cloud servers need not fear. Our team of experts are closely monitoring the situation. When you host with Aspiration Hosting, you place your trust with us, that we uphold always.
ANNOUNCING: All servers have the Linux patches. Zombieload design flaw will not effect any of our users.
And for our web developing friends, if you want 15% lifetime commission then send over your clients to us. Trust and Expertise is what makes Aspiration Hosting the best. For more details on our superior plans and bundle offers, contact us via the very convenient Live Chat.