Alexa metrics
Live Chat

Welcome to UKFast, do you have a question? Our hosting experts have the answers.

Chat Now
Sarah UKFast | Account Manager

Intel Vulnerability: Intel’s ‘New Zombieload Flaw’

12 November 2019 by Charlotte Greene

Intel LogoOn 12th November 2019, Intel® disclosed a potential security vulnerability which affects a number of Intel® Processors. The hardware flaw affects server memory and may allow for unexpected reloads of a device (DoS attack) if unmitigated.

What is the new vulnerability?

Reported as a new variant of the Zombieload attack discovered earlier this year, this new flaw is said to target Intel’s latest family of chips, Cascade Lake.

CVE-2018-12207 is a vulnerability in the way Intel® CPUs handle memory. If exploited by an authenticated user, it can cause your server or hardware node to unexpectedly reboot, which effectively would take that part of the solution offline for a period of time.

Statement from Intel®:

“The vulnerability enables the improper page table invalidation for page table updates by a virtual guest operating system for multiple Intel® platforms. This may allow an authenticated user to potentially enable temporary denial of service of the host system via local access.

“In certain virtualised environments, malicious actors with Ring-0/administrative privileges in a guest OS may potentially leverage this issue to mount a temporary DoS attack by utilising published errata for Instruction fetch.

“A potential attack may result in a fatal MCE (machinecheck) (IA32_MCi_STATUS.MSCOD=00FH), (IA32_MCI_STATUS. MCACOD=0150H) in the host machine and be seen as host platform reset.”

Mitigating risk

Fortunately, the majority of vulnerabilities found by internal researchers during a review, with a small number found by supporting external parties.

Intel® is not aware of any real-life exploits of this vulnerability. It has coordinated with OS and hypervisor vendors to provide updates to mitigate any potential vulnerability.

At UKFast, we work closely with technology partners to ensure we are made aware of vulnerabilities as soon as they arise, to provide the best security for our clients. Information regarding patches and updates to mitigate CVE-2018-12207 will be provided as soon as they become available.

Which Intel® products does the vulnerability affect?

Client:

  • Intel® Core™ i3 Processor
  • Intel® Core™ i5 ProcessorIntel® Core™ i7 Processor
  • Intel® Core™ m Processor family
  • 2nd generation Intel® Core™ Processors
  • 3rd generation Intel® Core™ Processors
  • 4th generation Intel® Core™ Processors
  • 5th generation Intel® Core™ Processors
  • 6th generation Intel® Core™ Processors
  • 7th generation Intel® Core™ Processors
  • 8th generation Intel® Core™ Processors
  • Intel® Core™ X-series Processor family
  • Intel® Pentium® Gold Processor Series
  • Intel® Celeron® Processor G Series

Server:

  • 2nd Generation Intel® Xeon® Scalable Processors
  • Intel® Xeon® Scalable Processors
  • Intel® Xeon® Processor E7 v4 Family
  • Intel® Xeon® Processor E7 v3 Family
  • Intel® Xeon® Processor E7 v2 Family
  • Intel® Xeon® Processor E7 Family
  • Intel® Xeon® Processor E5 v4 Family
  • Intel® Xeon® Processor E5 v3 Family
  • Intel® Xeon® Processor E5 v2 Family
  • Intel® Xeon® Processor E5 Family
  • Intel® Xeon® Processor E3 v6 Family
  • Intel® Xeon® Processor E3 v5 Family
  • Intel® Xeon® Processor E3 v4 Family
  • Intel® Xeon® Processor E3 v3 Family
  • Intel® Xeon® Processor E3 v2 Family
  • Intel® Xeon® Processor E3 Family
  • Intel® Xeon® E Processor
  • Intel® Xeon® D Processor
  • Intel® Xeon® W Processor
  • Legacy Intel® Xeon® Processor

If you have any questions about your UKFast solution, please don’t hesitate to get in touch with the UKFast support team. We’re happy to help.

Call 0800 230 0032