The vulnerability has to do with an extension to the x86 instruction set architecture called Intel Transactional Synchronization Extensions (Intel TSX). This extension adds hardware transactional memory support to improve multi-threaded workloads. The flaw has been dubbed TSX Asynchronous Abort (also known as ZombieLoad 2), which Intel says is similar to Microarchitectural Data Sampling (MDS) and affects the same buffers (store buffer, fill buffer, and load port writeback data bus).
Here's how Intel describes the vulnerability...
"Intel TSX supports atomic memory transactions that are either committed or aborted. When an Intel TSX memory transaction is aborted, either synchronously or asynchronously, all earlier memory writes inside the transaction are rolled back to the state before the transaction start. While an Intel TSX asynchronous abort (TAA) is pending, certain loads inside the transaction that are not yet completed may read data from microarchitectural structures and speculatively pass that data to dependent operations. This may cause microarchitectural side effects, which can later be measured to infer the value of the data in the microarchitectural structures."
The bug affects a wide range of Intel CPUs, including 10th generation Core processors (mobile), 2nd generation Xeon scalable processors (server), Xeon W processor family (workstation), 9th generation Core processors (mobile and desktop), Xeon processor E family (workstation and server), 10th generation Pentium Gold processor series (mobile), 10th generation Celeron 5000 series (mobile), and 8th generation Core processors (mobile).
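For checking exposure on a given machine, the following added example (not from the article or from Intel) classifies a host's TAA state from what the kernel reports. It assumes a Linux system, which the article does not cover: the `tsx_async_abort` sysfs file and the `rtm`/`hle` CPU flags are Linux kernel interfaces, and the sample inputs are constructed.

```python
"""Added example: classify a host's TAA exposure from kernel-reported state."""
from pathlib import Path

# Linux interfaces (assumption: Linux host; the sysfs file needs kernel 5.4+).
SYSFS_TAA = Path("/sys/devices/system/cpu/vulnerabilities/tsx_async_abort")
CPUINFO = Path("/proc/cpuinfo")


def tsx_flags(cpuinfo_text):
    """Return the TSX feature flags (rtm, hle) listed for the CPU."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            return sorted({"rtm", "hle"} & set(value.split()))
    return []


def classify_taa(status_text, cpuinfo_text):
    """Summarise TAA exposure from the sysfs status line and /proc/cpuinfo."""
    # The kernel appends "; SMT <state>" when hyper-threading state matters.
    status, _, smt = status_text.strip().partition("; SMT ")
    if status == "Not affected":
        verdict = "not_affected"
    elif status.startswith("Mitigation:"):
        verdict = "mitigated"
    elif status.startswith("Vulnerable"):
        verdict = "vulnerable"  # includes "attempted, no microcode"
    else:
        verdict = "unknown"  # empty or unrecognised text: do not assume safe
    return {"verdict": verdict, "detail": status, "smt": smt or None,
            "tsx_flags": tsx_flags(cpuinfo_text)}


def read_host():
    """Classify the local machine; a missing file yields 'unknown'."""
    status = SYSFS_TAA.read_text() if SYSFS_TAA.exists() else ""
    cpuinfo = CPUINFO.read_text() if CPUINFO.exists() else ""
    return classify_taa(status, cpuinfo)


# Constructed sample inputs, not captured from a real machine.
SAMPLE_CPUINFO = "processor\t: 0\nflags\t\t: fpu vme sse2 hle avx2 rtm\n"
SAMPLE_STATUS = "Mitigation: Clear CPU buffers; SMT vulnerable\n"

if __name__ == "__main__":
    print(classify_taa(SAMPLE_STATUS, SAMPLE_CPUINFO))
    print(read_host())
```

A `mitigated` verdict with `smt` set to `vulnerable` means buffers are cleared on privilege transitions but a sibling hyper-thread can still sample them.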
Microsoft Addresses ZombieLoad 2 Security Flaw In Intel Processors With Windows Patches
Microsoft is already on the ball with a bit of a plain-English breakdown and security patches for several versions of Windows.
"To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system," Microsoft says.