Zombieload v2, another new vulnerability that affects intel cascade lake

All Haswell- based Intel CPUs up to the latest Cascade Lake CPUs have been found to be vulnerable to a new variant of Zombieload attacks, now known as Zombieload V2, as detailed in this whitepaper.

Zombieload V2 affects from the Haswell CPUS to the recent Cascade Lake

Zombieload V2 marks the fifth entry in the Microarchitectural Data Sampling (MDS) list of vulnerabilities, based on four previously discovered and patched vulnerabilities for the first half of 2019. Intel's HEDT and enterprise microarchitecture, Cascade Lake, was initially believed to be immune to Zombieload-type security attacks, although this has proven to be untrue, as Zombieload V2 may very well compromise a Cascade Lake system, not to mention microarchitectures prior to Cascade Lake dating back to 2013 for Zombieload V2 and 2011 for the original Zombieload vulnerability.

Due to the nature of Intel's microarchitectures, patches cannot be deployed at the hardware level. Intel's workaround is to release a microcode update in the form of a firmware patch that will be available through motherboard manufacturers as the BIOS updates. Patches may also be available through an operating system patch.

Visit our guide on the best processors on the market

How does Zombieload V2 work?

Zombieload V2 is enabled by the Asynchronous Abort operation of Intel CPUs as part of Transactional Synchronization Extensions (TSX) when malware executes read operations on the CPU. When this occurs, other data that is currently being executed or stored in the CPU may become readable to external entities. Due to the inclusion of TSX in its processors, Zombieload is possible. As for AMD CPUs, AMD has not included TSX, and therefore AMD CPUs are immune to Zombieload.

Wccftech font