• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents

2

The U.S. and Iran can't agree on fully reopening the Strait of Hormuz. The solution could be straight out of the Old Testament

3

A Trump Account could make your kid a millionaire by 45—but financial experts say the app's projections come with a catch

1

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents

2

The U.S. and Iran can't agree on fully reopening the Strait of Hormuz. The solution could be straight out of the Old Testament

3

A Trump Account could make your kid a millionaire by 45—but financial experts say the app's projections come with a catch
TechCybersecurity

‘Zombieload’ Flaw Lets Hackers Crack Almost Every Intel Chip Back to 2011. Why’s It Being Downplayed?

By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
May 15, 2019, 7:45 PM ET
Intel Processor Core i5 2500K
An Intel Processor Core i5 2500K. Apple, Google, and others issued patches after Intel disclosed the "Zombieload" chip security flaw that lets hackers steal passwords.yorkfoto Getty Images
Add Fortune on Google for similar content.
Intel disclosed a new secret-leaking chip security flaw called Zombieload this week, which uses an attack similar to the one used in the Meltdown and Spectre exploits that were disclosed last year.

While Intel classified the threat as “medium,” security researchers have said Zombieload is far more serious. The vulnerability affects almost every Intel computer chip since 2011 and highlights how hackers could become savvier at targeting the security holes in Intel’s computer chips.

“On a scale of 1 to 10, this is ’10’ serious,” says Robert Siciliano, CEO of security awareness training firm Safr.me.

The Zombieload attack takes advantage of a design flaw in most Intel chips, allowing hackers to grab any data that was recently been accessed by the processor. The attack’s name is a reference to “zombie load,” which is when a computer processor can’t properly process a load of data and needs to ask for help in order to prevent a crash.

The bug was discovered by the same researchers at the Netherlands’ VU University and Graz University of Technology who found the Meltdown and Spectre vulnerabilities last year, which affected chips in almost every computer in the world, made by Intel, AMD, and others. Those bugs leaked personal information that was stored on computer processors. They took advantage of speculative execution, a process that helps modern processors anticipate what an app or operating system might need next, in order to run most efficiently.

“Hardware flaws by their nature are very serious,” says Siciliano. While Zombieload shouldn’t be downplayed, he adds, it’s highly unlikely it will ever be used in the wild.
“This particular one would require the hackers to have perfect conditions in order to exploit it,” Siciliano says. Microsoft, Apple, and Google have released patches. However, since it’s a hardware exploit, he adds, the problem will never completely be eliminated.
Zombieload has also highlighted the way that computer bugs are responsibly disclosed and how companies choose to handle that information while trying to avoid a potential PR nightmare. The researchers shared their discovery with Intel last month and threatened to publish the details themselves if Intel didn’t disclose the bug in May, according to an interview with Dutch outlet NRC.
The flaw was rated a 6.5 on a 10 point scale by Intel, putting it at a “medium” threat level, an assessment that left the researchers concerned the chipmaker was downplaying the severity of the flaw, perhaps to attract less attention for paying a big bug bounty. Intel’s bug bounty program pays $100,000 for the most severe threats. At a medium level, Intel’s bug bounty program guidelines, suggest a payment of $5,000.
The researchers say they were offered a $40,000 bounty and an $80,000 gift, which they turned down. When asked for comment, Intel referred Fortune back to its bug bounty program requirements, eligibility, and award schedule.
Casey Ellis, founder and chief technology officer at Bugcrowd, a platform that connects companies with ethical hackers, says Meltdown, Spectre, and Zombieload have placed Intel in the difficult position of figuring out the best way to respond to hardware-related security threats.
“In this case, we are talking about issues that are etched into silicon chips that are in laptops and mobile phones,” he says. “The ability to mitigate that issue is understandably more complicated.”

Typically, after a security researcher notifies a company they’ve found a bug, it’s usually in the company’s best interest to keep it quiet—or risk having the news leak to malicious hackers who may be able to exploit an issue before it has been patched. “Disclosure issues are a double edged sword. On one hand, you notify those affected so they can defend themselves…. On the other hand, you also notify the adversaries and they have the potential to abuse the issue,” says Ellis. “All of those risk factors have been rolled out into how Intel has responded to it.”

While the attacks are complex, they also highlight the growing concern that hackers may be able to discover new entry points in computer chips that companies have previously been blind to. That makes it crucial that white hat hackers continue to test away, says Ellis.

“All of these issues were discovered by independent researchers. It wasn’t an intense quality assurance process [at Intel] or their internal security team,” he says. “It was people in the outside world who got curious to test where the limits are.”

About the Author
By Alyssa Newcomb
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

Trinidad and Tobago signs deals with U.S. companies for data centers, despite history of chronic water shortages and intermittent supply
AIData centers
Trinidad and Tobago signs deals with U.S. companies for data centers, despite history of chronic water shortages and intermittent supply
By Anselm Gibbs and The Associated PressJuly 12, 2026
12 hours ago
Want to earn nearly $100,000 within 5 years of graduating? Study engineering, Fed research says
SuccessThe Promotion Playbook
Want to earn nearly $100,000 within 5 years of graduating? Study engineering, Fed research says
By Orianna Rosa RoyleJuly 12, 2026
15 hours ago
A girl looking at her laptop screen
InnovationEducation
The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents
By Sasha RogelbergJuly 12, 2026
16 hours ago
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
Big TechTech
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
By Marco Quiroz-GutierrezJuly 12, 2026
16 hours ago
Zhenghua Yang
SuccessSmall Business
At 18, doctors gave him three hours to live. He played video games from his hospital bed—and now, he’s built a $10 million-a-year video game studio
By Preston ForeJuly 12, 2026
16 hours ago
Photo: James Murdoch
Big TechJames Murdoch
James Murdoch may have reaped as much as $7.5 billion from his pre-IPO investment in Elon Musk’s SpaceX
By Claire AtkinsonJuly 12, 2026
17 hours ago

Most Popular

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents
Innovation
The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents
By Sasha RogelbergJuly 12, 2026
16 hours ago
The U.S. and Iran can't agree on fully reopening the Strait of Hormuz. The solution could be straight out of the Old Testament
Middle East
The U.S. and Iran can't agree on fully reopening the Strait of Hormuz. The solution could be straight out of the Old Testament
By Jason MaJuly 11, 2026
1 day ago
A Trump Account could make your kid a millionaire by 45—but financial experts say the app's projections come with a catch
Personal Finance
A Trump Account could make your kid a millionaire by 45—but financial experts say the app's projections come with a catch
By Sydney LakeJuly 12, 2026
17 hours ago
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
Big Tech
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
By Marco Quiroz-GutierrezJuly 12, 2026
16 hours ago
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
Environment
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
By Sasha RogelbergJuly 10, 2026
3 days ago
Trump’s time is running out to avoid a nightmare Strait of Hormuz scenario
Energy
Trump’s time is running out to avoid a nightmare Strait of Hormuz scenario
By Jordan BlumJuly 12, 2026
20 hours ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.