Intel has disclosed another speculative side execution vulnerability affecting many of its processors, including its latest 10th generation mobile CPUs. Fortunately, there are already mitigating patches available, at least for users who are running Windows 10, Windows 8.1 (and Windows RT 8.1), Windows 7, and various Windows Server versions.
The vulnerability has to do with an extension to the x86 instruction set architecture called Intel Transactional Synchronization Extensions (Intel TSX). This extension adds hardware transactional memory support to improve multi-threaded workloads. The flaw has been dubbed TSX Asynchronous Abort (also known as ZombieLoad 2), which Intel says is similar to Microarchitectural Data Sampling (MDS) and affects the same buffers (store buffer, fill buffer, and load port writeback data bus).
Here's how Intel describes the vulnerability...
"Intel TSX supports atomic memory transactions that are either committed or aborted. When an Intel TSX memory transaction is aborted, either synchronously or asynchronously, all earlier memory writes inside the transaction are rolled back to the state before the transaction start. While an Intel TSX asynchronous abort (TAA) is pending, certain loads inside the transaction that are not yet completed may read data from microarchitectural structures and speculatively pass that data to dependent operations. This may cause microarchitectural side effects, which can later be measured to infer the value of the data in the microarchitectural structures."
There is a string of speculative execution side-channel attack vectors that have already been disclosed and mitigated through prior patches, including the
original ZombieLoad. This new one, however, is able to sidestep previously released security measures.
The bug affects a wide range of CPUs, including its 10th generation Core processors (mobile), 2nd generation Xeon scalable processors (server), Xeon W processor family (workstation), 9th generation Core processors (mobile and desktop), Xeon processor E family (workstation and server), 10th generation Pentium Gold processor series (mobile), 10th generation Celeron 5000 series (mobile), and 8th generion Core processors (mobile).
Microsoft Addresses ZombieLoad 2 Security Flaw In Intel Processors With Windows Patches
Microsoft is already on top of the ball with a bit of a plain-English breakdown and security patches for several versions of Windows.
"To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system," Microsoft says.
Links to download patches can be found on Microsoft's
CVE-2019-11135 support page. Additionally, mitigations are included in this month's Patch Tuesday update, which released yesterday.