Intel has announced further developments in its response to a type of vulnerability commonly known as "Zombieload 2," or TSX Asynchronous Abort. The announcement is unusual in that it comes before further remediation is available — part of the "transparency" that Intel has promised around the vulnerabilities.
While the Zombieload vulnerability has been known for nearly a year - like the speculative execution side channel vulnerabilities that preceded it - the flaw is not considered a critical vulnerability. In Zombieload's case, one of the reasons for its non-critical designation is that an attacker must have physical access to the targeted system before the vulnerability can be exploited.
As with Spectre and Meltdown, under very specific conditions Zombieload could allow an attacker to access data like cryptographic keys and passwords that had been loaded into a cache. The great danger is that it could allow the owner of one virtual system read the data belonging to another virtual system hosted on the same server. Intel has already patched its vulnerable CPUs' microcode — twice — to deal with Zombieload, but continues to refine the repairs and now promises new microcode in "the near future."
Intel said it's not aware of any exploits in the wild; it remains a laboratory-only exploit to date
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "7 Steps to IoT Security in 2020."