New vulnerabilities of Intel chip discovered! Upgrading macOS is suggested

The vulnerability is called ZombieLoad, and the impact is widespread.

According to the latest report, security researchers have discovered a new vulnerability in Intel chips, and almost all chips produced since 2011 have been vulnerable to their attacks. The new vulnerability, called ZombieLoad, is similar to the features of Meltdown and Spectre, which were found in Intel chips last year.

These vulnerabilities have been fixed in the macOS 10.14.5 update released by Apple recently.

ZombieLoad is actually composed of four vulnerabilities, rooted in “speculative execution” and “out-of-order execution”. The researchers said that ZombieLoad will leak all data currently loaded by the processor core.

Similar to the Meltdown and Spectre, it is also caused by flaws in chip design, and hackers can effectively exploit the flaws for side channel attacks on Intel chips. The researchers reported the vulnerabilities to chip makers a month ago.

PCs and laptops affected by ZombieLoad are also vulnerable to attacks in the cloud. ZombieLoad can be triggered in a virtual machine and breaks the original isolation between the virtual machine and other virtual systems and their host devices.

There are currently no public examples of malicious use of ZombieLoad, but updating Mac software is still a good idea. Intel has released a microcode update, and the microcode patch will help clear the processor’s buffer and prevent data from being read. Apple also implemented these updates in macOS 10.14.5 yesterday, and provided security updates for the macOS High Sierra and macOS Sierra versions to deal with ZomebieLoad.