Technology content trusted in North America and globally since 1999
8,385 Reviews & Articles | 64,030 News Posts

Old Vulnerability in Intel CPUs Shows Up again

The rootkit that eont die
By Sean Kalinich from Mar 20, 2009 @ 12:06 CDT

There is nothing like having an old problem come back to bite you.
Well this is exactly what is happening to Intel.


However a couple of enterprising security researchers are looking to make an Old Intel bug have a god at it.


Joanna Rutkowska and Rafal Wojtczuk released information on proof on concept code that exploits a flaw in Intel CPU System Management Mode Memory or SMRAM.


This memory runs at a higher level of privilege than even the OS and if compromised it would difficult if not impossible to remove. SMRAM cannot be controlled by the OS Kernel or Hypervisor due to this protection any code run there is assumed to be valid and safe.


Intel says they are and have been working on a fix for this at the board level and have brought their OEM partners into work on this. According to Intel many newer boards already have protection from this type of attack.


Read more here


Old Vulnerability in Intel CPUs Shows Up again

While Rutkowska and Wojtczuk's proof of concept code is harmless, it's meant to illustrate the potential for danger if an attacker gets control of SMRAM and uploads special executable code, called shellcode, into the memory.


She said the issue has been fixed on some Intel (NASDAQ: INTC) motherboards, but older Intel boards are still open to exploitation. She also added in the report that the company is pursuing more widespread answers to the problem.


"Intel has informed us that they have been working on a solution ... for quite a while and have also engaged with OEMs/BIOS vendors to implement certain new mechanisms that are supposed to prevent the attack," Rutkowska and Wojtczuk wrote in their report. "According to Intel, many new systems are protected against the attack."


Related Tags