Apple has posted instructions on how to fully mitigate (Microarchitectural Data Sampling) MDS vulnerabilities that affect Macs with Intel CPUs, including the recent discovered ZombieLoad Attack.
The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them. While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys. The attack does not only work on personal computers but can also be exploited in the cloud.
Although there are no known exploits at this time, users with computers at heightened risk or who run untrusted software on their Mac can optionally enable full mitigation to prevent harmful apps from exploiting these vulnerabilities.
The full mitigation, which includes disabling hyper-threading, prevents information leakage across threads and when transitioning between kernel and user space, which is associated with the MDS vulnerabilities for both local and remote (web) attacks.
Unfortunately, Apple's testing showed a massive performance drop of up to 40% when fully mitigating the MDS vulnerabilities.
You can find Apple's instructions on enabling and disabling full mitigation for MDS in the support document linked below.
Read More
The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them. While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys. The attack does not only work on personal computers but can also be exploited in the cloud.
Although there are no known exploits at this time, users with computers at heightened risk or who run untrusted software on their Mac can optionally enable full mitigation to prevent harmful apps from exploiting these vulnerabilities.
The full mitigation, which includes disabling hyper-threading, prevents information leakage across threads and when transitioning between kernel and user space, which is associated with the MDS vulnerabilities for both local and remote (web) attacks.
Unfortunately, Apple's testing showed a massive performance drop of up to 40% when fully mitigating the MDS vulnerabilities.
You can find Apple's instructions on enabling and disabling full mitigation for MDS in the support document linked below.
Read More