ZombieLoad Attack. New hardware and OS level threats identified
Intel Hit Again
Early last year, the IT world was hit by Spectre and Meltdown processor exploits. It would appear that the story has not yet ended. Researchers have identified a new vulnerability in Intel chips manufactured from 2011 onwards, now known as the ZombieLoad Attack. This could allow a malicious program to view user-level secrets (including browser history, passwords and even system-level secrets like disk encryption keys) that are being used by other running programs.
Legacy OS Weakness
In addition to this, Microsoft has identified a major vulnerability with the Remote Desktop Service on all operating systems prior to and including Windows 7 and Server 2008 R2. This exploit allows malware to remotely execute code on a target system without user intervention. This could result in malware similar to that of WannaCry in 2017. As with WannaCry, Windows 10 and 8.1 are NOT vulnerable.
The good news is that Apple and Google have already issued patches for the ZombieLoad Attack exploit and Microsoft have included patches in the May 2019 patch Tuesday release that covers both exploits. Patches have also been publicly released for the ‘out of support’ Windows XP and Server 2003. It is worth noting that ZombieLoad Attack affects Intel chips only and AMD & ARM chips are safe.
If you are using WSUS to patch any of the affected operating systems, make sure that updates for the products are included in the synchronisation settings and approved as soon as possible.
Another Reason to Upgrade Now!
I’m sure you won’t need reminding again that Windows 7 will be falling out of extended support on 14th January 2020, however, while there is little you can do to prevent the hardware-based ZombieLoad Attack, those who have completed their upgrades to Windows 10 may be sat with a smug face today as they would have no cause to panic.
Help is at hand
If you have not begun or are beginning to plan your rollout for Windows 10 and would like assistance, please complete this form to speak to one of our expert consultants.
And join one of our regular workshops and webinars providing the latest updates and expert advice about Microsoft 365, Cloud and Hybrid IT, security, compliance and partner tools. We also post regular blogs so please do follow us.