Earlier this week, it became known that the dangerous processor vulnerability Zombieload has another variation (Zombieload 2), which was not previously reported. The problem poses a threat even to newer Intel processors, including Cascade Lake, although it was believed that these processors are not susceptible to such attacks, as they are protected at the hardware level.
Although Intel engineers have already released updated microcodes, the problem is that they significantly affect performance, as do patches for Meltdown, Specter, Foreshadow, Fallout and Zombieload. Because of this nuance, many users may not knowingly install updates, preferring security performance. Also, many of those who still install updates prefer to turn off the underlying technology, too, so as not to be at risk and have fewer performance issues.
The fact is that the Zombieload 2 problem is closely related to Intel TSX technology, disabling it also helps to significantly reduce risks. As a result, Microsoft specialists have already published detailed instructions to disable Intel TSX, which can be achieved through the registry:
reg add "HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control Session Manager Kernel" / v DisableTsx / t REG_DWORD / d 1 / f
Linux developers also did not stand aside and tellthat to disable Intel TSX can be used model-specific registers (Model-Specific Registers, MSR).
Let me remind you that Intel TSX technology is available by default in all Intel processors manufactured after 2013 (Haswell processors got the first TSX support). Full list Vulnerable to Zombieload 2 processors can be found on the official Intel website.