‘ZombieLoad’ Flaw in Intel Chips Could Lead to Stolen Sensitive Information; Apple Patched it in macOS 10.14.5
Security researchers have discovered a critical flaw in Intel chips, which have left almost every Mac dating back to 2011 vulnerable to potential security issues. But while this is big news in itself, there is good news at the end.
TechCrunch has the report on Tuesday. According to the publication, this particular bug, which is being called “ZombieLoad”, is reminiscent of the critical issues “Spectre” and “Meltdown” from back in 2018. This is a side-channel attack that could make it possible for some nefarious individuals to steal sensitive information off an Intel-based computer.
““ZombieLoad,” as it’s called, is a side-channel attack targeting Intel chips, allowing hackers to effectively exploit design flaws rather than injecting malicious code. Intel said ZombieLoad is made up of four bugs, which the researchers reported to the chip maker just a month ago.
Almost every computer with an Intel chips dating back to 2011 are affected by the vulnerabilities. AMD and ARM chips are not said to be vulnerable like earlier side-channel attacks.”
However, the silver lining itself is that these particular attacks are pretty difficult to pull off. So, while so many computers, including Macs, were capable of falling victim to it, it probably wasn’t popping up all the time. Which is why, in part, it’s only been discovered in 2019.
“These are far from drive-by exploits where an attacker can take over your computer in an instant. Gruss said it was “easier than Spectre” but “more difficult than Meltdown” to exploit — and both required a specific set of skills and effort to use in an attack.”
The good news here is that Apple has already patched the issue. Recently, though. Apple launched macOS Mojave 10.14.5 to the public just one day ago, and, with that software, patched this particular security issue. Apple has critical updates for macOS Sierra and macOS High Sierra that patch the issue as well.
So if you haven’t updated yet, you probably should.
via iPhone Hacks http://www.iphonehacks.com/2019/05/zombieload-intel-security-flaw.html
link : http://www.iphonehacks.com/2019/05/zombieload-intel-security-flaw.html
May 14, 2019 at 08:57PM