Tuesday, January 26, 11:57
Home security Intel: Corrects Zombieload CPU vulnerabilities for a third time within one year

Intel: Corrects Zombieload CPU vulnerabilities for a third time within one year

IntelFor the third time in a year, h Intel reveals the existence vulnerabilities in its processors. The company said yesterday it plans to release one new software update "in the coming weeks". New information will correct two Zombieload vulnerabilities (or microarchitectural data sampling-MDS). The two previous releases were released in May and November of last year.

Current vulnerabilities do not seem to be as dangerous as those corrected by the previous ones patches. The reason is that there are some limitations. Initially, one of the two vulnerabilities, h L1DES, does not affect the latest Intel chips. In addition, it is not possible to attack using a web browser. According to Intel, there is no evidence that the vulnerabilities were used by anyone outside the lab.

However, the researchers security criticize Intel for the "fragmented approach" that follows in correcting vulnerabilities. The company does not immediately respond to any correction. This also happened with the correction of vulnerabilities in November. "For months we have been trying to persuade Intel that attacks via L1DES were possible and that the vulnerability had to be corrected," the international team of computer scientists wrote on its website. They were the same researchers who discovered the vulnerability.

Researchers seem particularly annoyed with Intel. They wrote that vulnerabilities should be corrected immediately, while stressing that current strategies The company's resolve to resolve these issues is questionable.

Intel undermined bad criticism, saying that it has taken care to reduce the risk of these vulnerabilities for its processors. “From May 2019, starting with Microarchitectural Data Sampling (MDS) and then in November with THE A, we and our partners have received meters which have reduced the chances of an attack, ”said an Intel spokesman. “We continue to carry on research in this field - both internally and in collaboration with the external research community. "


Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement


Office 365: New phishing campaign targets company executives!

A phishing campaign is underway, which appears to provide password expiration reports for Office 365, managing to breach ...

Covid-19: Google Maps will show where vaccinations will be given

The Google Maps app will soon show the vaccination sites for Covid-19, further boosting awareness of ...

Apple Watch Series 7: Will have blood glucose monitoring

According to ETNews, the Apple Watch Series 7 will include the ability to monitor blood glucose through an optical sensor.

Google: North Korean hackers target security researchers via social media

Google has released a report revealing that North Korean hackers are targeting security researchers through social media who are involved in ...

Twitter: Fights misinformation with "Birdwatch"

Twitter unveiled a new feature that aims to step up its efforts to combat misinformation, with the help ...

Netherlands: COVID-19 patient data was sold illegally

Two suspects have been arrested by Dutch police for allegedly selling COVID-19 patient data by Dutch health ministry systems.

Apple: Attention! Keep iPhone away from your pacemaker!

If you have an iPhone, then you may be interested in the following warning. Apple informed its customers that the iPhones may interfere ...

COVID-19 vaccines: Ways to protect supply chains

The development of vaccines for COVID-19 in such a short period of time has created many challenges and these are not only related to ...

How do insurance companies "enhance" ransomware attacks?

Ransomware attacks have increased significantly, with experts warning that their victims should not pay ransom to hackers ....

Russia: "US may be planning retaliation for SolarWinds hack"!

The Russian government warns the country's organizations about possible cyber attacks that the US may carry out, as "retaliation" for the hack ...