Intel reveals the existence of the 'MDS' vulnerability affecting almost all Intel processors since 2011


By

Slejven Djurakovic

On May 14, 2019, Intel disclosed multiple vulnerabilities in its chips. The vulnerability announced by Intel is called 'Microarchitectural Data Sampling (MDS)' and affects almost all Intel processors manufactured and sold since 2011.

Intel Side Channel Vulnerability MDS
https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html

Cyberus Technology-ZombieLoad: Cross Privilege-Boundary Data Leakage
https://www.cyberus-technology.de/posts/2019-05-14-zombieload.html

New secret-spilling flaw affects almost every Intel chip since 2011 | TechCrunch
https://techcrunch.com/2019/05/14/zombieload-flaw-intel-processors/

ZombieLoad attack lets hackers steal data from Intel chips-The Verge
https://www.theverge.com/2019/5/14/18623708/zombieload-attack-intel-processors-speculative-execution

According to Intel, the newly discovered vulnerability, MDS, is caused not by software but by hardware, so an attack using MDS may be carried out regardless of the software or operating system (OS) in use. Furthermore, MDS consists of four related techniques.

Although Intel has published a list of affected CPUs in PDF format, it is expected that almost all Intel processors manufactured and sold after 2011 will be affected. Intel provides microcode updates for chips affected by MDS.

SA00233 Microcode Update Guidance-SA00233-microcode-update-guidance_05123020.pdf



Regarding the impact of the microcode updates on processor performance, Intel told the foreign media outlet TechCrunch, 'In most cases there is no noticeable impact, but in the worst case performance may drop by 3% on personal PCs and by 9% in data-center-level environments.'

In addition, groups of security researchers from Graz Technical University in Germany and Leuven Catholic University in Belgium have announced a side-channel attack using MDS called 'ZombieLoad'.

ZombieLoad Attack



In a ZombieLoad attack, there is a risk that browsing history handled by the processor, confidential information such as user IDs and passwords, and system-level information such as disk encryption keys may be stolen. The following video was created as a proof of concept of ZombieLoad. It shows that a ZombieLoad attack can extract the URLs of the sites a user is visiting, even when the user is running the highly anonymous 'Tor Browser' in a virtual machine.

ZombieLoad in Action: Spying on your visited websites-YouTube


ZombieLoad can also steal data across virtual machines, so if a cloud server hosting different customers' virtual machines on the same physical server is targeted, there is a risk that a large amount of information will be leaked at once. In addition to ZombieLoad, 'RIDL' and 'Fallout' have been announced as side-channel attacks using MDS.

RIDL and Fallout: MDS attacks



According to Intel's announcement, MDS is difficult to abuse in practice, and no abuse has been reported so far. Apple and Microsoft have also announced their respective measures against MDS.

Apple, Amazon, Google, Microsoft and Mozilla release patches for ZombieLoad chip flaws | TechCrunch
https://techcrunch.com/2019/05/14/intel-chip-flaws-patches-released/

・ Microsoft
Plans to release a Windows update, but some users may need to obtain microcode directly from the chip manufacturer. A number of microcode updates have been announced on Microsoft's official page, and a dedicated page has been published explaining how to protect against side-channel attacks using MDS, such as ZombieLoad.

・ Apple
Announced an OS update for macOS. Some devices may see a 40% drop in performance.

・ Google
Updates have been distributed to some Android devices and Chrome OS.

・ Mozilla
Plans a long-term fix for Firefox. Patches have been distributed for Firefox Beta and Firefox Nightly. Firefox for macOS is said to implement the mitigation recommended by Apple, while no special measures are necessary for Firefox for Windows and Linux.

・ Amazon
Applied a fix update to Amazon Web Services.

in Hardware,   Security, Posted by darkhorse_log