Less than a year and a half since Intel had its first public meltdown after finding the highly publicized Meltdown and Spectre security flaws, researchers have discovered a new security vulnerability called Microarchitectural Data Sampling (MDS) — which leaves computers dating back to 2008 vulnerable to eavesdropping attacks.
Fortunately, Intel learned its lesson from the first Meltdown discovery, and it finds itself better prepared to address the recently published security flaw that, if unpatched, could leave computers — ranging from laptops to cloud-based servers — exposed to eavesdropping by an attacker.
Back from the grave
A series of updates were recently deployed to address the newly uncovered security flaw. Whether you’re on a Windows PC or a Mac, you should stay up to date with your security patches to mitigate the risk of attack. Business customers operating their infrastructure from the cloud should check with their service providers to ensure that that latest available security patches will be applied as soon as possible.
MDS was discovered by a wide range of researchers from security firms like Bitdefender, Cyberus, Oracle, and Qihoo360 as well as academic institutions like the University of Michigan, Vrije Universiteit Amsterdam, KU Leuven in Belgium, Austria’s TU Graz, University of Adelaide, Worcester Polytechnic Institute, and Germany’s Saarland University. Researchers have discovered four distinct ways of carrying out MDS attacks, and though some of the attacks were discovered more than a year ago, Intel had asked that the researchers to keep their findings private until a patch was available.
“Academics have discovered four such MDS attacks, targeting store buffers, load buffers, line fill buffers (aka the Zombieload attack), and uncacheable memory — with Zombieload being the most dangerous of all because it can retrieve more information than the others,” ZDNet reported. Some of the attacks, researchers cautioned, could even require hardware changes to the chips to mitigate. Intel claims that some of its chips released within the last month already ship with a fix.
While MDS works in a similar way to Meltdown and Spectre by relying on Intel’s use of speculative execution to boost CPU performance by allowing the processor to guess what data will be required for execution in advance, attackers are able to eavesdrop when data is moving between various components of a processor. In previous attacks, sensitive data was accessed from memory, but in the case of MDS, the data can be accessed from the cache. Anything that passes through the processor, from the website you’ve visited to your password and credit card data, could be accessed through MDS. Hackers can even leverage MDS to extract the decryption keys to an encrypted drive.
Fixing Intel’s chipocalypse
Intel has readied a fix for MDS, but the patch will need to be deployed through different operating systems. For now, Apple claims that a recent update to its MacOS Mojave operating system and Safari desktop browser already included the fix, so Mac users should download the latest updates if they haven’t already done so. Google also claimed that its recent products already contains a fix, while Microsoft issued a prepared statement stating that a fix will be ready later today. Windows 10 users are advised to download this patch.
“We are working to deploy mitigations to cloud services and release security updates to protect Windows customers against vulnerabilities affecting supported hardware chips,” Microsoft said.
Amazon Web Services have also deployed fixes. “AWS has designed and implemented its infrastructure with protections against these types of bugs, and has also deployed additional protections for MDS,” AWS said in a statement. “All EC2 host infrastructure has been updated with these new protections, and no customer action is required at the infrastructure level. Updated kernels and microcode packages for Amazon Linux AMI 2018.03 and Amazon Linux 2 are available in the respective repositories (ALAS-2019-1205).”
Though chips released starting last month already contained a hardware level fix, Intel claims that microcode updates are enough. “For other affected products, mitigation is available through microcode updates, coupled with corresponding updates to operating system and hypervisor software that are available starting today,” the chipmaker said in a statement.
Security researchers from TU Graz and VUSec disagreed with Intel’s conclusion and advised that hyperthreading be disabled, as this process could make it easier for attackers to carry out MDS attacks. In an interview with Wired, Intel downplayed the flaw rating the four vulnerabilities at a low to medium severity, and the company claimed that disabling hyperthreading is not necessary. Intel claims that a lot of noise is also leaked, and it would be very difficult for an attacker to infer your secret data.
At this point, AMD and ARM silicon are not affected by the vulnerability. If your system is running an Intel chip, be sure to apply the latest software patches and check for any new system updates in the coming days.
