New 'ZombieLoad' Vulnerability Affects Intel Chips Dating Back to 2011, Apple Released Patch in macOS 10.14.5 [Updated]

Security researchers have discovered a new set of vulnerabilities that affect Intel chips dating back to 2011, including the chips that have been used in Apple devices.

As outlined by TechCrunch, "ZombieLoad," as it's being called, consists of four bugs that can allow hackers to exploit the design flaws in the chips to steal sensitive information directly from the processor.


These vulnerabilities are as serious as the Meltdown and Spectre vulnerabilities that were discovered in early 2018 and take advantage of the same speculative execution process, which is designed to speed up data processing and performance.

A white paper shared by notable security researchers (including some who worked on Spectre and Meltdown) offers details on how ZombieLoad functions. [PDF]

While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.

The attack does not only work on personal computers but can also be exploited in the cloud.

ZombieLoad impacts almost every Intel computer dating back to 2011, but AMD and ARM chips are not affected. A demonstration of ZombieLoad was shared on YouTube, displaying how it works to see what you're doing on your computer. While spying on web browsing is demoed, it can also be used for other purposes like stealing passwords.


There have been no reports of hackers taking advantage of the ZombieLoad vulnerabilities at this time, and Intel has released microcode for vulnerable processors. Apple addressed the vulnerability in the macOS Mojave 10.14.5 update that was released yesterday and in security patches for older versions of macOS that were also released yesterday.

Apple has released security updates in macOS Mojave 10.14.5 to protect against speculative execution vulnerabilities in Intel CPUs.
The issues addressed by these security updates do not affect Apple iOS devices or Apple Watch.
Apple previously released security updates to defend against Spectre—a series of speculative execution vulnerabilities affecting devices with ARM-based and Intel CPUs. Intel has disclosed additional Spectre vulnerabilities, called Microarchitectural Data Sampling (MDS), that apply to desktop and notebook computers with Intel CPUs, including all modern Mac computers.

An Apple support document on the ZombieLoad vulnerability provides details for "full mitigation" protection that can be enabled for customers with computers at heightened risk or that run untrusted software on their Macs.

Full mitigation requires using the Terminal app to enable additional CPU instructions and disable hyper-threading processing technology, which is available for macOS Mojave, High Sierra, and Sierra, but not on certain older machines. Apple says full mitigation could reduce performance by up to 40 percent, so most users will not want to enable it.

According to Intel, its microcode updates will have an impact on processor performance, but for the patch that Apple released in macOS Mojave 10.14.5, there was no measurable performance impact. Apple's fix prevents the exploitation of ZombieLoad vulnerabilities via JavaScript in Safari.

An Intel spokesperson told TechCrunch that most patched consumer devices could take a 3 percent performance hit at worst, and as much as 9 percent in a datacenter environment. But, the spokesperson said, it was unlikely to be noticeable in most scenarios.

As mentioned above, customers who enable Apple's full mitigation option will indeed see processor slowdowns because of the need to disable hyper-threading.

One of the researchers who discovered ZombieLoad, Daniel Gruss, told TechCrunch that ZombieLoad is easier to exploit than Spectre, but more difficult than Meltdown, and that it requires a specific set of skills, which means the average person doesn't need to worry.

Update: This article previously said that Apple would release a patch, but it has been updated to clarify that Apple addressed the issue in security updates made available to Mac owners yesterday. Customers running Mojave should update to macOS 10.14.5, while customers running older versions of macOS should install any available security updates.

Top Rated Comments

(View all)
Avatar
15 months ago
Between all these issues and the delays, I’m just hanging out for A-Series Macs at this point.

Intel to the curb; Windows be damned.
Score: 12 Votes (Like | Disagree)
Avatar
15 months ago
A 2010 Mac Mini running El Capitan is looking pretty good right about now
Score: 9 Votes (Like | Disagree)
Avatar
15 months ago

Between all these issues and the delays, I’m just hanging out for A-Series Macs at this point.

Intel to the curb; Windows be damned.

Or Apple should just switch to Ryzen.
Score: 7 Votes (Like | Disagree)
Avatar
15 months ago
As a CPU designer who formerly had to compete with Intel and it’s hyperthreading microarchitectures, I am retroactively glad we didn’t go that way. It always seemed like sharing buffers between threads opened up way too many opportunities for mischief unless you put in a lot of extra hardware to zero-out every memory structure between context switches, and that would probably eliminate any speed benefit anyway.
Score: 7 Votes (Like | Disagree)
Avatar
15 months ago

[USER=690974]@tywebb13[/USER]

I am still in HS
Can I please have the direct links for
iTunes Device Support Update
Safari 12.1.1
And the latest
gatekeeper and xprotect

Thanks
Came

http://swcdn.apple.com/content/down...j7tgzg4zzuvn3scnsztzq3dked/MobileDeviceSU.pkg ('http://swcdn.apple.com/content/downloads/09/58/041-62886/gyhsj0r6j7tgzg4zzuvn3scnsztzq3dked/MobileDeviceSU.pkg')

http://swcdn.apple.com/content/down...gsxdj09bat1u4t/Safari12.1.1HighSierraAuto.pkg ('http://swcdn.apple.com/content/downloads/11/43/041-29455/th6as97r3li57d3lz5qwgsxdj09bat1u4t/Safari12.1.1HighSierraAuto.pkg')

http://swcdn.apple.com/content/down...m808sfkhernhm6t03ocg/GatekeeperConfigData.pkg ('http://swcdn.apple.com/content/downloads/01/50/041-56834/gxlfpqocbqlortm808sfkhernhm6t03ocg/GatekeeperConfigData.pkg')

http://swcdn.apple.com/content/downloads/35/05/041-59062/l0a9hglm2vcwewfkld5832ivg90gh4xtns/XProtectPlistConfigData.pkg
Score: 4 Votes (Like | Disagree)
Avatar
15 months ago

Yes, there's a crisis. Update to the version of macOS that will force Notarization on you! Coincidence or inside bug discovery they were waiting on to inform Intel of AFTER they had a reason to force people to update to a version of the OS that can control everything you do....

Interesting. So I am sure several members are wondering "Notarization? Being forced on me? What's that all about?" The implication that Notarization "can control everything you do" is certainly a scary idea.

So, I looked up Notarization ('https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/') to find out what fresh evil was being forced upon me. Well, according to MacRumors own thread "as of macOS 10.14.5, all new software distributed with a new Developer ID must be notarized in order to run." Or, in other words, new software from new developers must be notarized by Apple for the OS to allow it to run, the idea being this will help identify authentic software NOT DOWNLOADED FROM THE MAC APP STORE from malware. In future versions of the OS all software not from the Mac App Store will have to have notarization from the developer which is supplied by Apple.

So how does this control everything you do? It doesn't. Is it a huge imposition on the Mac users? It's not. Is it terribly inconvenient for developers who don't distribute software through the Mac App Store? Well, it is an added step but not an overly onerous one; I don't think it will put anyone out of business. Will it make your computer more secure? Yes, probably, for awhile at least until this, too, is defeated.

But hey, just because you are paranoid and espouse wild conspiracy theories doesn't mean the government isn't watching everything you do. Keep the faith.
Score: 4 Votes (Like | Disagree)

Top Stories

iPhone 12 Sizes Compared with iPhone SE, 7, 8, SE 2, X, 11, 11 Pro and 11 Pro Max [Update]

Tuesday July 7, 2020 6:49 pm PDT by
Apple is planning on launching the iPhone 12 this fall which is rumored to be coming in 3 different sizes: 5.4", 6.1" and 6.7". The middle size (6.1") matches up with the currently shipping iPhone 11, but the other two sizes will be entirely new. Over the weekend, there was some excitement about how well the new 5.4" iPhone 12 compares to the original iPhone SE. Those who have been hoping...

Everything New in iOS 14 Beta 2: New Calendar Icon, Files Widget and More

Tuesday July 7, 2020 11:38 am PDT by
Apple today released the second beta of iOS 14 to developers for testing purposes, tweaking and refining some of the features that are coming in the update. Below, we've rounded up all of the changes that we found in the second beta. - Calendar icon - There's a new Calendar app icon in iOS 14 beta 2, with the day of the week abbreviated rather than spelled out. - Clock icon - The clock...

Hands On With iPhone 12 Models Showing New Sizes and Design

Monday July 6, 2020 2:04 pm PDT by
Ahead of the launch of new iPhones we often see dummy models created based on leaked schematics and specifications, with those models designed to let case makers create cases for the new devices ahead of their release. We got our hands on a set of dummy models that represent the iPhone 12 lineup, giving us our first close look at the iPhone 4-style design and the different size options. Subscri ...

Developer's Visual Comparison of macOS Catalina and Big Sur Offers Closer Look at Apple's UI Redesign for Macs

Tuesday July 7, 2020 4:00 am PDT by
macOS 11 Big Sur is the next major release of Apple's operating system for Mac, and following its preview at WWDC, one of the biggest discussions has revolved around the all-new user interface redesign. Developers are still learning what the impact the new UI will have on their apps, and with that in mind, app designer Andrew Denty has compiled an extensive visual comparison of the user...

Analyst Believes iPhone 12 Pricing Will Start $50 Higher Even Without EarPods or Charger in Box

Wednesday July 8, 2020 9:35 am PDT by
Despite multiple reports indicating that Apple will not include EarPods or a wall charger with iPhone 12 models this year, one analyst believes that pricing will still increase slightly compared to the iPhone 11 lineup. In a research note provided to MacRumors, analyst Jeff Pu forecasted that iPhone 12 pricing will start at $749 for a new 5.4-inch model, an increase of $50 over the base...

14-Inch MacBook Pro With Mini-LED Display Expected to Enter Production in 2021

Wednesday July 8, 2020 7:51 am PDT by
Apple suppliers will begin competing to win manufacturing orders for new 14-inch and 16-inch MacBook Pro models with Mini-LED displays in the first quarter of 2021, according to Taiwanese research firm TrendForce. Rumors of a 14-inch MacBook Pro have surfaced since Apple replaced the 15-inch MacBook Pro with a new 16-inch model last year. Apple analyst Ming-Chi Kuo has previously said that...

Apple Seeds First Betas of iOS 14 and iPadOS 14 to Public Beta Testers

Thursday July 9, 2020 10:14 am PDT by
Apple today seeded the first public betas of upcoming iOS and iPadOS 14 updates to its public beta testing group, two weeks after first providing the updates to developers after the WWDC keynote and a day after seeding the second developer betas. Public beta testers who have signed up for Apple's beta testing program can download the iOS/‌iPadOS‌ 14 updates over the air after installing ...

Apple's Arm-Based Macs With Apple Silicon Chips Will Support Thunderbolt

Wednesday July 8, 2020 3:14 pm PDT by
Apple is working on Macs that use its custom Apple-designed Apple Silicon chips instead of Intel chips, but Apple has committed to continuing to support Thunderbolt, reports The Verge. In a statement, an Apple spokesperson said that Apple's upcoming machines will offer support for Intel's Thunderbolt USB-C standard. "Over a decade ago, Apple partnered with Intel to design and develop...

Apple Cuts iPhone Trade-In Values as iPhone 12 Launch Nears

Tuesday July 7, 2020 7:46 am PDT by
With just two months to go until the usual timeframe for Apple's iPhone launch events, Apple is cutting back on maximum trade-in values of previous-generation iPhones for those looking to upgrade to a new model. Maximum values on more recent models have dropped by $30–$50, while older models have generally dropped by $5–$20 with a few models seeing no change in value.iPhone XS Max: $500 to...

Some iPhone Users Report Significant Battery Drain Due to Music App Background Activity in iOS 13.5.1

Wednesday July 8, 2020 1:49 am PDT by
A significant minority of iPhone users have taken to Apple's Support Communities and Reddit to report battery drain issues largely related to the Music app and high levels of background activity. Hundreds of users, many running iOS 13.5.1 on devices both new and old, are experiencing rapid battery drain when the Music app is not in use. In some cases, the background activity occurs over...