Hardware processor vulnerabilities were a myth untill Meltdown and Spectre broke loose. These processor chip vulnerabilities were a nightmare to the enterprises as it affected nearly every single computer processor ever built.
But that was last year. Now, a class of processor chip vulnerabilities has come to haunt us again. These vulnerabilities— ZombieLoad, Fallout, Rouge In-flight Data Load (RIDL), and Store-to-Leak forwarding, affect the 'Speculative Execution' portion of the CPU which when exploited can give away sensitive information from the system memory.
ZombieLoad is one of the four processor chip vulnerabilities that were recently discovered by a group of security researchers from Graz University of Technology. This was the same team of researchers who reported Meltdown and Spectre. Much like Spectre, ZombieLoad manipulates a vulnerability in speculative execution—a feature used in CPUs to help the processor "predict" what information an app or program will need in order to speed up its performance.
Just like Meltdown and Spectre, only the processor manufacturer (Intel in this case) can provide a permanent fix for this vulnerability as this is a design flaw. But major software vendors like Microsoft, Apple, and Google have already released patches to fix ZombieLoad temporarily. Patch Manager Plus supports installing these patches to secure your enterprise from ZombieLoad
You can install the patches from the Patch manager Plus console by simply navigating to Patches > Critical Vulnerabilities and filtering out "ZombieLoad Speculative Execution vulnerability". You can then select the patches applicable to your endpoints and install them.
With features to automate patch management, test and approve patches, decline patches, and more, you can install the latest patches seamlessly to your endpoints as soon as they're available. Patch Manager Plus supports patching for all the major OSs like Windows, Mac, and Linux as well as patching for more than 500 third-party applications. This way, you'll never miss a patch for any of your applications.