[Phoronix] New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort
Current Intel hardware mitigations do not cover TAA and current Cascade Lake CPUs remain vulnerable. TAA can allow leaking of data across processes, privilege boundaries and Hyper Threading. With Hyper Threading disabled, TAA can still leak data from protected domains.
For mitigating TAA Asynchronous Abort there is no new software workaround out today short of disabling Intel TSX. It is recommended to disable Hyper Threading while Cyberus ultimately recommends running trusted/untrusted applications on separate physical systems.
* Laughs in "I told you so" *
Hardware mitigations only cover known attacks and do not cover the vector. Unless Intel builds a CPU from the ground up these will keep popping like mushrooms... (MUSHROOM!!!).