DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
January 21, 2021 
Main Menu
News archives

Who's Online
There are currently 178 people online.


Latest Reviews
ASUS ROG Strix B450-F Gaming Motherboard
Sonos Move
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse

Follow us

Intel patches Zombieload for the third time

Posted on Wednesday, January 29 2020 @ 14:47:14 CET by

Intel rolled out a third wave of fixes for Zombieload, a vulnerability in its processors that was first discovered in June 2018. Wired writes this highlights once again that the underlying problems of these vulnerabilities are hard to fix once and for all.
On Monday, Intel announced that it will issue yet another update to its processors designed to solve a problem it calls "microarchitectural data sampling," or MDS. Different teams of researchers who independently discovered the issue call it RIDL or Zombieload, and warned Intel about the problem as early as June of 2018. The new update, which Intel says will be made available "in the coming weeks," is intended to fix two methods to exploit Intel chips via MDS, which have remained possible even after Intel released MDS patches in May of 2019 and then again last November. Some of the researchers first warned Intel about the more serious of the two flaws that it's trying to fix now in a paper shared with Intel fully a year ago. Other researchers even shared proof-of-concept code with the company last May.
The site spoke to security researchers from universities and heard they aren't impressed by the way Intel is handling these things. Herbert Bos from Vrije University in Amsterdam claims researchers are barely even trying very hard to find bugs in Intel CPUs and that the chip giant is putting in little effort:
"Security engineering at Intel (or rather lack thereof) is still business as usual," writes Cristiano Giuffrida, one of the researchers at Vrije Universiteit in Amsterdam who first discovered the MDS attacks, in an email to WIRED. "These issues aren't trivial to fix. But after eighteen months, they're still waiting for researchers to put together proofs-of-concept of every small variation of the attack for them? It’s amazing. We don’t know the inner workings of Intel's team. But it’s not a good look from the outside."



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2021 DM Media Group bvba