How to protect your devices against the ZombieLoad attack

Image credit: Natascha Eibl/Shutterstock (Image credit: Natascha Eibl/Shutterstock)

Welcome to our guide on how to protect against the ZombieLoad attack. On this page, we give you all the antivirus and other information you need for making sure that your devices are protected against the ZombieLoad vulnerability.

ZombieLoad affects Intel processors made since 2011, so if you have a device that uses an Intel processor, read on to find out how to protect it.

Recently, AMD officially confirmed that its processors are not affected by ZombieLoad, so it appears that it remains an Intel-only vulnerability.

If you're concerned that your device is vulnerable, then make sure you have applied all the latest patches and updates for your operating system.

What is ZombieLoad?

The ZombieLoad flaw allows potential malicious hackers to steal private browsing history, passwords and other information from affected PCs using a software that exploits bugs in Intel hardware.

Also known as CVE-2018-12130, ZombieLoad  uses flaws in how CPUS handle “zombie loads” – which are high amounts of data that the processor cannot properly deal with. These loads cause the processor to use elements of its microcode to prevent the whole PC crashing. This load can contain sensitive data from apps and programs, and the flaw allows this information to be accessed.

How can I tell if I am affected by the ZombieLoad flaw?

Unfortunately, there's currently no easy way to tell if you're affected by the ZombieLoad flaw. Also, antivirus software and internet security suites won't identify the flaw.

However, if you use a device that runs on an Intel processor that you bought after 2011, it's very likely that you are vulnerable to ZombieLoad.

This means PCs, Macs and Intel-based tablets are all vulnerable. It's safest to assume at this point that you are vulnerable to ZombieLoad unless you exclusively use devices that run on AMD or ARM processors.

Before you begin to panic, it's worth noting that while it's likely you're using hardware that's vulnerable to ZombieLoad attacks, that doesn't mean you've been targeted. There isn't any evidence out there that ZombieLoad has been used to attack devices yet – however it does mean you want to make sure your devices are all updated to be protected against ZombieLoad as soon as possible.

ZombieLoad

ZombieLoad affects any device running an Intel processor from 2011 onwards (Image credit: Shutterstock) (Image credit: Shutterstock)

How to protect against the ZombieLoad CPU security flaw

Below you’ll find ways to fix and protect yourself against the ZombieLoad CPU security flaw for a range of devices. We’ll keep updating this list as new fixes emerge.

How to fix ZombieLoad CPU security flaw on Android devices

While most Android devices run on ARM hardware and won’t be affected by ZombieLoad, any Android device using Intel hardware will need to apply the patches, according to Google in a security bulletin.

These patches will be supplied by the hardware manufacturer of the Android device, not Google, so visit the manufacturer's web site, or contact them directly, to find out when the patches will be released.

You can also manually check for updates. Open the settings app on your Android device, go to ‘System’ and see if you can find new updates waiting for you. It may also be worth following your phone manufacturer on Twitter to keep up with news about the update.

How to fix ZombieLoad CPU security flaw on Windows PCs

Windows PCs and laptops are likely to be hit hardest by ZombieLoad, as a huge majority of them will be running on Intel hardware. ZombieLoad affects Windows 7 and Windows XP computers, as well as PCs running Windows 10.

The good news is that Microsoft has already released a security update for Windows 10, as well as previous versions of Windows.

Windows 10 should download the update automatically, but to be sure, type ‘windows update’ in the search bar of the taskbar, and select ‘Check for updates.’ Download and install any new updates it finds.

You can also download the fix for ZombieLoad from the Microsoft Support website.

How to fix ZombieLoad CPU security flaw on Macs

Macs have also been affected by ZombieLoad, and it has released a ZombieLoad patch for macOS Mojave 10.14.5, which applies to every Mac and MacBook released since 2011. This patch also includes an update for its Safari internet browser.

However, it appears that some Macs may see a 40% fall in performance if all the patches are applied. That’s bound to upset a lot of Mac owners, so let’s hope Apple and Intel work on further mitigations that reduce the impact to performance.

There will also be a security update for Macs running macOS Sierra and macOS High Sierra as well. iPhones and iPads are not affected.

For older versions of macOS, keep an eye out in the Mac App Store for any updates to OS X or macOS, and make sure you’re running the latest version of the operating system.

How to fix ZombieLoad CPU security flaw on Linux

ZombieLoad also affects any Linux machine that runs on Intel hardware. Greg Kroah-Hartman, the stable Linux kernel maintainer, announced the release of Linux kernel 5.1.2. As he says in the release statement, " All users of the 5.1 kernel series must upgrade. Well, kind of, let me rephrase that...All users of Intel processors made since 2011 must upgrade."

Meanwhile, distro teams have been scrambling to release fixes. Red Hat has announced that Red Hat Enterprise Linux (RHEL) 5 to the latest RHEL 8 are affected, as well as Red Hat Virtualization and Red Hat OpenStack.

Red Hat has developed kernel security updates for products, so make sure you have the latest updates installed. However, be warned that these patches could lead to performance issues.

Canonical, the company behind the popular Ubuntu Linux distro, has also released information on how to mitigate against ZombieLoad.

This involves disabling hyper-threading, so again these mitigations will likely impact performance.

How to fix the ZombieLoad flaw on Chromebooks

If you have a recent Chromebook, then you should be automatically protected from ZombieLoad, as Chrome OS automatically keeps itself updated, and the latest version – Chrome OS 74, disables Hyper-Threading which prevents the ZombieLoad flaw.

This could result in impacts to performance, but Google is working on adding further mitigations against ZombieLoad to Chrome OS 75.

How to protect Firefox and Chrome against ZombieLoad

Mozilla has also said that it is working on a long-term fix for its Firefox web browser for macOS, and Firefox Beta and Firefox Nightly versions have the patch already installed.

According to Mozilla, no action is needed for Windows and Linux users of Firefox.

If you use Google's Chrome web browser, than Google suggests you make sure the operating system it runs on (be it Windows, Linux or macOS) is updated with the latest mitigations.

Matt Hanson
Managing Editor, Core Tech

Matt is TechRadar's Managing Editor for Core Tech, looking after computing and mobile technology. Having written for a number of publications such as PC Plus, PC Format, T3 and Linux Format, there's no aspect of technology that Matt isn't passionate about, especially computing and PC gaming. He’s personally reviewed and used most of the laptops in our best laptops guide - and since joining TechRadar in 2014, he's reviewed over 250 laptops and computing accessories personally.

TOPICS