New ‘ZombieLoad’ Intel chip Vulnerability Affects Dating Back to 2011

Security researchers have discovered a new set of vulnerabilities named ZombieLoad that affect Intel chips dating back to 2011.

These vulnerabilities are as serious as the Meltdown and Spectre vulnerabilities that were discovered in early 2018 and take advantage of the same speculative execution process, which is designed to speed up data processing and performance.

ZombieLoad impacts almost every Intel computer dating back to 2011, but AMD and ARM chips are not affected. A demonstration of ZombieLoad was shared on YouTube, displaying how it works to see what you’re doing on your computer. While spying on web browsing is demoed, it can also be used for other purposes like stealing passwords.

A white paper shared by notable security researchers (including some who worked on Spectre and Meltdown) offers details on how ZombieLoad functions. [PDF]

Intel has released microcode for vulnerable processors. Apple addressed the vulnerability in the macOS Mojave 10.14.5 update that was released and in security patches for older versions of macOS that were also released.