For those of you in need of a memory refresh - Spectre and Meltdown were two flaws which allowed hackers to pull out sensitive data directly from the computer's processor, including passwords.
Intel refers to the vulnerabilities as microarchitectural data sampling, or MDS, which can be exploited by attackers to access data being used not just by applications, but also containers and virtual machines.
The flaws were unearthed by a supergroup of security researchers hailing from places and companies such as Graz University of Technology, Bitdefender and Oracle.
It affects personal computers and laptops, include Apple Macintosh machines, as well as servers and computing resources in clouds such as Amazon Web Services, Microsoft Azure, and Google Cloud, if they are powered by Intel Core or Xeon-branded processors released since 2011. Spectre, which proved more hard to patch even at the software level, also afflicted Intel's competitors, including AMD and ARM, which manufactures chips for smartphones and other internet-of-things devices.
Intel said it's already addressed the problem in its newest chips after working for months with business partners and independent researchers.
To elaborate on the same, ZombieLoad is a side-channel attack that makes it possible for hackers to retrieve the data that the CPU is processing at that point of time.
"However, unlike the recent Cisco router vulnerability, and most notably the "2nd flaw" that was making headlines, a patch or patches are available and they will help", said Curry.
"Ever since Meltdown/Spectre, if not before, researchers have been going over every micro-architectural enhancement from the past 40 years and assessing them as side-channel targets", said Joe FitzPatrick, an instructor and researcher at SecuringHardware.com, a training site.
If you are interested in how attacks like Zombieload work with the newly revealed hardware vulnerabilities, it sounds similar to the way that Spectre and Meltdown attacks work.
What is described as Zombieload, RIDL and Fallout can used to attacks victims.
The researchers who discovered the vulnerabilities published this proof-of-concept demonstration showing how an unprivileged attacker - who has the ability to execute code on a system - can reconstruct URLs being visited in Firefox.
- Helicopter lands on Hudson River; only pilot aboard
- New McLaren GT adds a grand tourer to supercar brand lineup
- Lillard: 'Lot of contact' by Iguodala on final play
- McIlroy recovers from 'horrendous' start to make cut
- Pop of orange and neon for Deepika Padukone on Cannes Day 2
- Team Trump says it won't cooperate with House investigations
- Musk gets head start on Bezos launching SpaceX's own satellites
- Realme announces global launch of X, X Lite
- The OnePlus 7 Pro has already had a software update
- Motorola One Vision Review: Hands-On