We’ve had our eye on a story that’s been dominating the tech news headlines this week. On Tuesday, security researchers announced the identification of four new attacks that are capable of leaking sensitive data from Intel processors. This vulnerability exists in all the Intel chips that have been made since 2011, affecting a large number of desktop computers, laptops, and even virtual machines.

These four attacks are called ZombieLoad, Fallout, RIDL, and Store-to-Leak Forwarding. These exploits target the speculative execution function that allows processors to anticipate what an application might need a few milliseconds into the future, improving the overall performance. By attacking this function, sensitive data leaks from internal CPU buffers.

Intel has already released updates for all vulnerable processors and anticipates that for most users the impact on processor performance will be minimal, up to 3%. However, for specific data center workloads, processor performance may be affected by as much as 8 or 9 percent. Additional updates for operating systems and software for other Intel-based products are being pushed out by many other corporations.

Here at Vivio, we use AMD processors for most of our deployments. AMD has already tested their processors for this hardware vulnerability, making this statement, “At AMD we develop our products and services with security in mind. Based on our analysis and discussions with the researchers, we believe our products are not susceptible to ‘Fallout’ or ‘RIDL’ because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so.”

A small percentage of our Dedicated Servers use Intel processors and will receive updates. However, for the vast majority of our customers, this hardware exploit will not affect your hosting experience here at Vivio. We’ll continue to watch for any new research developments. Protecting your data is our top priority!

Here are the links to the research reports, if you’d like to learn more. Let us know if you have any questions!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

thirteen − twelve =