It takes one rouge/unpatched VM to run and scan threads randomly, undetected ove... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		dschuetz on May 14, 2019 \| parent \| context \| favorite \| on: ZombieLoad: Cross Privilege-Boundary Data Leakage ... It takes one rouge/unpatched VM to run and scan threads randomly, undetected over a longer period of time, if not patched. With HT disabled potential hits become less likely, but still possible given time. Is virtualization on Intel dead now? Perhaps not. But, it's increasingly dangerous to use Intel for cloud services.

nnx on May 15, 2019 [–]

Interestingly AWS released a bulletin about MDS vulnerability but nothing about ZombieLoad yet. https://aws.amazon.com/security/security-bulletins/AWS-2019-...

scandinavian on May 15, 2019 | [–]

CVE-2018-12130 is in the list of CVE's in your link. That is the ZombieLoad CVE. I hate these stupid names, they only confuse as shown by your comment.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact