A new class of processor chip vulnerabilities targeting the 'speculative execution' portion of Intel chips has been discovered by a group of researchers a few days back. These three vulnerabilities are named ZombieLoad, fallout, and RIDL (Rogue In-flight Data Load). These flaws are rated highly critical by the team of researchers who discovered them. ManageEngine Patch Manager Plus now supports patches for the ZombieLoad vulnerability.
Name of the Vulnerability: ZombieLoad
Severity : Highly critical
Exploitation status : Not exploited
Affected systems : Every Intel chip manufactured after 2011
Fixes : Major OS vendors like Microsoft and Apple have released a temporary software fix. Intel is working on a permanent fix.
ManageEngine highly recommends its users to install the latest patches to secure the endpoints from 'ZombieLoad vulnerability'.
You can install the latest patches by looking for Patch IDs for respective applicable OSs.
Patch IDs - Applicable OSs
Patch ID 106957 - Windows 10 Version 1709 for x64
Patch ID 106956 - Windows 10 Version 1709 for x86
Patch ID 106959 - Windows 10 Version 1703 for x64
Patch ID 106958 - Windows 10 Version 1703 for x86
Patch ID 106949 - Windows 10 Version 1507 for x64
Patch ID 106948 - Windows 10 Version 1507 for x86
Patch ID 106953 - Windows 10 Version 1607 for x64
Patch ID 106954 - Windows 10 Version 1607 for x86
Patch ID 106955 - Windows Server 2016 for x64
MAC-134 - 601901 - macOS Mojave 10.14.5
MAC-140 - 601900 - macOS Mojave 10.14.5 Combo Update
MAC-133 - 601902 - Security Update 2019-003 (High Sierra)
MAC-130 - 601903 - Security Update 2019-003 (Sierra)