ALL-INKL.COM - Webhosting Server Hosting Domain Provider
May 17 2019

Intel and Zombieload

Intel has no luck when it comes to security issues
with it’s processors. Zombieload is another security
issue that allows reading data from inside the processor
memory (L2/L3) and even the execution pipe.

Moreover it seems as if the fix is more complicated than with Spectre and first test results have shown that a Mac equipped with an affected processor will loose about 40% of its performance when the mitigation is activated. So unless your computer is not prone to any security data handling you might wanna keep SMT (Hyperthreading) active as it is the factor that scales the process handling among all the virtual threads (double the number of logical processor cores).

All other users that wish to be not prone to any possible security flaw from Zombieload may want to take action how to mitigate these attacks. For Macs there is a parameter you can activate while in recovery mode (source: 9to5mac.com):

Most users do not need to worry about enabling full mitigation. macOS 10.14.5 includes the most important and most relevant patches, like preventing JavaScript exploits through Safari. Apple rolled these critical fixes for all customers as the performance penalty was small/negligible.

The full mitigation mode may be of interest to customers who are particularly at risk, like members of government or high-ranking business executives.

It’s also important to stress that the danger is currently just a theoretical concern and there are no known attacks out in the wild that affect Macs. Naturally, Apple recommends that users only download trusted software from the App Store.

With those qualifiers in mind, to enable full mitigation, follow these steps:

  1. Restart your Mac and hold Command key and the R key to enter macOS Recovery mode.
  2. Open the Terminal from the Utilities menu.
  3. Enter the command ‘nvram boot-args=”cwae=2″‘ (without single quotes) and press Return.
  4. Enter the command ‘nvram SMTDisable=%01’ and press Return.
  5. Then restart the Mac.

Intel has release a whitepaper on which processors you can expect Microcode updates to fix this security flaw:

Intel_Zombieload_MCUpdate

Download “Intel Zombieload Microcode update schedule”

Intel_Zombieload_MCUpdate.pdf – Downloaded 134 times – 906.35 KB

May 17, 2019 Netspark - 1594 posts - Member since: May 9th, 2011 No Comments »

RATING :
Rockbottom!Very badBadAverageGoodVery goodAwesome! (1 votes, average: 7.00 out of 7)
Loading...
FILED UNDER :Computer , News , Technology , Thoughts
TAGGED WITH : , , , , ,

Leave a comment