Announcement

**JonathanM** · 12 November 2019, 03:16 PM

This sentence is wonky:

It is recommended to disable Hyper Threading while they ultimately Cyberus recommend running trusted/untrusted applications on separate physical systems.

**perpetually high** · 12 November 2019, 03:20 PM

Originally posted by JonathanM View Post

This sentence is wonky: "It is recommended to disable Hyper Threading while they ultimately Cyberus recommend running trusted/untrusted applications on separate physical systems."

Ah I see what happened, should read: "It is recommended to disable Hyper Threading while they ultimately f*ck us and recommend running trusted/untrusted applications on separate physical systems."

**tildearrow** · 12 November 2019, 03:21 PM

Oh Intel you can't be serious

**birdie** · 12 November 2019, 03:21 PM

Demonstration (quite scary and effective):

Exploit: https://github.com/IAIK/ZombieLoad/

AMD CPUs are not affected.

Again, if you're not running untrusted code on your system (a web browser with enabled JS does run it), there's nothing to worry about.

In short: this new vulnerability again mostly affects cloud providers and users who run untrusted random code off the net.

**milkylainen** · 12 November 2019, 03:53 PM

I have a better fix.
I will disable my Intel CPU altogether.

**hotaru** · 12 November 2019, 03:56 PM

Originally posted by birdie View Post

Again, if you're not running untrusted code on your system (a web browser with enabled JS does run it), there's nothing to worry about.

In short: this new vulnerability again mostly affects cloud providers and users who run untrusted random code off the net.

so it affects cloud providers and anyone who uses a web browser.

**milkylainen** · 12 November 2019, 03:58 PM

Originally posted by birdie View Post

Demonstration (quite scary and effective):
In short: this new vulnerability again mostly affects cloud providers and users who run untrusted random code off the net.

I think you're missing the bigger picture.
The big picture is that there is a new class of exploits out there.
And one of the vendors is looking more like a big sieve from my point of view.
Actually the sieve is looking like a total rot and rusted away, leaving nothing but a gaping hole.

So if you're crafting a zeroday for this class of exploits, one of the vendors is looking like the more vulnerable target.
And you can _bet_ that people are working on unknown exploits in this class.

**uid313** · 12 November 2019, 04:01 PM

Are processors prior to Cascade Lake also vulnerable?
Is Ice Lake (it uses a new architecture) also vulnerable?

Intel CPUs and x86 in general makes me think about Swiss cheese — it's full of holes.

**andyprough** · 12 November 2019, 04:06 PM

"Zombieland" - is that the name of the exploit, or the re-branding of all of Intel's chip lines?

I feel like "can't we just rip the bandage off all at once and do all the exploits and mitigations in one big batch?" But then, I'd probably be stuck with a computer that would never boot again.

Announcement

New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort

New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment