New 'ZombieLoad' Vulnerability Affects Intel Chips Dating Back to 2011, Apple Released Patch in macOS 10.14.5 [Updated]

Security researchers have discovered a new set of vulnerabilities that affect Intel chips dating back to 2011, including the chips that have been used in Apple devices.

As outlined by TechCrunch, "ZombieLoad," as it's being called, consists of four bugs that can allow hackers to exploit the design flaws in the chips to steal sensitive information directly from the processor.

zombieload
These vulnerabilities are as serious as the Meltdown and Spectre vulnerabilities that were discovered in early 2018 and take advantage of the same speculative execution process, which is designed to speed up data processing and performance.

A white paper shared by notable security researchers (including some who worked on Spectre and Meltdown) offers details on how ZombieLoad functions. [PDF]

While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.

The attack does not only work on personal computers but can also be exploited in the cloud.

ZombieLoad impacts almost every Intel computer dating back to 2011, but AMD and ARM chips are not affected. A demonstration of ZombieLoad was shared on YouTube, displaying how it works to see what you're doing on your computer. While spying on web browsing is demoed, it can also be used for other purposes like stealing passwords.


There have been no reports of hackers taking advantage of the ZombieLoad vulnerabilities at this time, and Intel has released microcode for vulnerable processors. Apple addressed the vulnerability in the macOS Mojave 10.14.5 update that was released yesterday and in security patches for older versions of macOS that were also released yesterday.

Apple has released security updates in macOS Mojave 10.14.5 to protect against speculative execution vulnerabilities in Intel CPUs.
The issues addressed by these security updates do not affect Apple iOS devices or Apple Watch.
Apple previously released security updates to defend against Spectre—a series of speculative execution vulnerabilities affecting devices with ARM-based and Intel CPUs. Intel has disclosed additional Spectre vulnerabilities, called Microarchitectural Data Sampling (MDS), that apply to desktop and notebook computers with Intel CPUs, including all modern Mac computers.

An Apple support document on the ZombieLoad vulnerability provides details for "full mitigation" protection that can be enabled for customers with computers at heightened risk or that run untrusted software on their Macs.

Full mitigation requires using the Terminal app to enable additional CPU instructions and disable hyper-threading processing technology, which is available for macOS Mojave, High Sierra, and Sierra, but not on certain older machines. Apple says full mitigation could reduce performance by up to 40 percent, so most users will not want to enable it.

According to Intel, its microcode updates will have an impact on processor performance, but for the patch that Apple released in macOS Mojave 10.14.5, there was no measurable performance impact. Apple's fix prevents the exploitation of ZombieLoad vulnerabilities via JavaScript in Safari.

An Intel spokesperson told TechCrunch that most patched consumer devices could take a 3 percent performance hit at worst, and as much as 9 percent in a datacenter environment. But, the spokesperson said, it was unlikely to be noticeable in most scenarios.

As mentioned above, customers who enable Apple's full mitigation option will indeed see processor slowdowns because of the need to disable hyper-threading.

One of the researchers who discovered ZombieLoad, Daniel Gruss, told TechCrunch that ZombieLoad is easier to exploit than Spectre, but more difficult than Meltdown, and that it requires a specific set of skills, which means the average person doesn't need to worry.

Update: This article previously said that Apple would release a patch, but it has been updated to clarify that Apple addressed the issue in security updates made available to Mac owners yesterday. Customers running Mojave should update to macOS 10.14.5, while customers running older versions of macOS should install any available security updates.

Top Rated Comments

Santabean2000 Avatar
44 months ago
Between all these issues and the delays, I’m just hanging out for A-Series Macs at this point.

Intel to the curb; Windows be damned.
Score: 12 Votes (Like | Disagree)
now i see it Avatar
44 months ago
A 2010 Mac Mini running El Capitan is looking pretty good right about now
Score: 9 Votes (Like | Disagree)
Bustycat Avatar
44 months ago
Between all these issues and the delays, I’m just hanging out for A-Series Macs at this point.

Intel to the curb; Windows be damned.
Or Apple should just switch to Ryzen.
Score: 7 Votes (Like | Disagree)
cmaier Avatar
44 months ago
As a CPU designer who formerly had to compete with Intel and it’s hyperthreading microarchitectures, I am retroactively glad we didn’t go that way. It always seemed like sharing buffers between threads opened up way too many opportunities for mischief unless you put in a lot of extra hardware to zero-out every memory structure between context switches, and that would probably eliminate any speed benefit anyway.
Score: 7 Votes (Like | Disagree)
tywebb13 Avatar
44 months ago
@tywebb13

I am still in HS
Can I please have the direct links for
iTunes Device Support Update
Safari 12.1.1
And the latest
gatekeeper and xprotect

Thanks
Came
http://swcdn.apple.com/content/down...j7tgzg4zzuvn3scnsztzq3dked/MobileDeviceSU.pkg ('http://swcdn.apple.com/content/downloads/09/58/041-62886/gyhsj0r6j7tgzg4zzuvn3scnsztzq3dked/MobileDeviceSU.pkg')

http://swcdn.apple.com/content/down...gsxdj09bat1u4t/Safari12.1.1HighSierraAuto.pkg ('http://swcdn.apple.com/content/downloads/11/43/041-29455/th6as97r3li57d3lz5qwgsxdj09bat1u4t/Safari12.1.1HighSierraAuto.pkg')

http://swcdn.apple.com/content/down...m808sfkhernhm6t03ocg/GatekeeperConfigData.pkg ('http://swcdn.apple.com/content/downloads/01/50/041-56834/gxlfpqocbqlortm808sfkhernhm6t03ocg/GatekeeperConfigData.pkg')

http://swcdn.apple.com/content/downloads/35/05/041-59062/l0a9hglm2vcwewfkld5832ivg90gh4xtns/XProtectPlistConfigData.pkg
Score: 4 Votes (Like | Disagree)
Duane Martin Avatar
44 months ago
Yes, there's a crisis. Update to the version of macOS that will force Notarization on you! Coincidence or inside bug discovery they were waiting on to inform Intel of AFTER they had a reason to force people to update to a version of the OS that can control everything you do....
Interesting. So I am sure several members are wondering "Notarization? Being forced on me? What's that all about?" The implication that Notarization "can control everything you do" is certainly a scary idea.

So, I looked up Notarization ('https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/') to find out what fresh evil was being forced upon me. Well, according to MacRumors own thread "as of macOS 10.14.5, all new software distributed with a new Developer ID must be notarized in order to run." Or, in other words, new software from new developers must be notarized by Apple for the OS to allow it to run, the idea being this will help identify authentic software NOT DOWNLOADED FROM THE MAC APP STORE from malware. In future versions of the OS all software not from the Mac App Store will have to have notarization from the developer which is supplied by Apple.

So how does this control everything you do? It doesn't. Is it a huge imposition on the Mac users? It's not. Is it terribly inconvenient for developers who don't distribute software through the Mac App Store? Well, it is an added step but not an overly onerous one; I don't think it will put anyone out of business. Will it make your computer more secure? Yes, probably, for awhile at least until this, too, is defeated.

But hey, just because you are paranoid and espouse wild conspiracy theories doesn't mean the government isn't watching everything you do. Keep the faith.
Score: 4 Votes (Like | Disagree)

Popular Stories

AirPods Max 2022 Colors

Ten Things AirPods Pro 2 Tell Us About AirPods Max 2

Saturday September 24, 2022 1:00 am PDT by
Upon the release of the second-generation AirPods Pro, the AirPods Max became the oldest current-generation AirPods product still in Apple's lineup. Introducing several new features like Adaptive Transparency and the H2 chip, the second-generation AirPods Pro may provide some of the best indications yet of what to expect from the second-generation AirPods Max. Almost two years later, rumors...
apple watch series 7 aluminum colors yellowbg

Don't Want the Apple Watch Ultra or Series 8? Amazon Has Record Low Prices on Series 7 Models This Week

Friday September 23, 2022 6:56 am PDT by
The Apple Watch Series 8 and Apple Watch Ultra are now available to purchase, but if you aren't interested in these updates you can save a lot of money on Series 7 models right now on Amazon. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. The best deals are on cellular...
iOS 16

Apple Releases iOS 16.0.2 With Bug Fixes for iPhone 14 Pro Camera Vibration, Copy/Paste Issue and More

Thursday September 22, 2022 1:04 pm PDT by
Apple today released iOS 16.0.2, addressing a number of bugs that iPhone 14 owners have been experiencing since the new devices launched. iOS 16.0.2 comes two weeks after the launch of iOS 16, and it follows iOS 16.0.1, an update made available to iPhone 14 owners on launch day. The update is available for all iPhones that are capable of running iOS 16. The iOS 16.0.2 update can be...
14 vs 16 inch mbp m2 pro and max feature 1

New 14-Inch and 16-Inch MacBook Pros Reportedly Launching Later This Year

Friday September 23, 2022 7:08 am PDT by
Apple plans to release new MacBook Pro models in the fourth quarter of 2022, according to supply chain publication DigiTimes. The report does not mention specific models, but it very likely refers to the next-generation 14-inch and 16-inch MacBook Pros given that the 13-inch model was already updated earlier this year. There has been uncertainty surrounding the timing of new 14-inch and...
Tim Cook Apple Event

Gurman: New iPads and Macs May Be Announced Through Press Releases, No October Event

Sunday September 25, 2022 6:50 am PDT by
Apple may decide to release its remaining products for 2022, which include updated iPad Pro, Mac mini, and 14-inch and 16-inch MacBook Pro models, through press releases on its website rather than a digital event, according to Bloomberg's Mark Gurman. In his latest Power On newsletter, Gurman said that Apple is currently "likely to release its remaining 2022 products via press releases,...
Dynamic Island For Android Users Feature

Android App Copying iPhone 14 Pro's Dynamic Island Released on Play Store

Thursday September 22, 2022 7:57 am PDT by
A copycat version of the iPhone 14 Pro's Dynamic Island has arrived on Android's Google Play Store in the form of an app called "dynamicSpot." The app, still in beta, offers customers several different experiences at the top of their smartphones. In its current form, dynamicSpot offers playback control for songs, timers, battery status, and more features coming soon, according to the app's...
AirPods Pro Second Generation 2 Pairing Feature 1

AirPods Pro 2 Engravings Appear in iOS During Pairing and Connecting

Friday September 23, 2022 9:40 am PDT by
Customers who personalize their second-generation AirPods Pro charging case with an engraving will now have that engraving reflected directly on iOS as they pair and connect their AirPods Pro. Apple allows customers to personalize their AirPods Pro charging case with a special engraving that can include select emojis and Memojis. Unlike before, starting with the second-generation AirPods...
Apple Watch 6 New Features Feature 2

Six New Apple Watch Features Coming Later This Year

Friday September 23, 2022 8:12 am PDT by
With new Apple Watch Ultra and Series 8 models now in the hands of customers, Apple has brought a host of smart new features to many people's wrists. But there's more to come. Apple has a handful of additional features in store for Apple Watch Series 8 and Apple Watch Ultra owners before the year's end, and some of them are watchOS 9 functions, which means they will even work on older Apple ...
new airpods pro ear tips

Apple Explains Why Second-Generation AirPods Pro Ear Tips Are Incompatible With Original AirPods Pro

Thursday September 22, 2022 3:12 pm PDT by
Apple today explained why the new silicone ear tips for the second-generation AirPods Pro are not officially compatible with the original AirPods Pro. In an updated support document, Apple said the original AirPods Pro ear tips have "noticeably denser mesh" than the second-generation ear tips. Apple did not provide any additional details, but the mesh density could result in acoustical...