Old Vulnerability in Intel CPUs Shows Up again

The rootkit that eont die.

Published Fri, Mar 20 2009 12:06 PM CDT   |   Updated Tue, Nov 3 2020 12:37 PM CST
There is nothing like having an old problem come back to bite you.
Well this is exactly what is happening to Intel.

However a couple of enterprising security researchers are looking to make an Old Intel bug have a god at it.

Joanna Rutkowska and Rafal Wojtczuk released information on proof on concept code that exploits a flaw in Intel CPU System Management Mode Memory or SMRAM.

This memory runs at a higher level of privilege than even the OS and if compromised it would difficult if not impossible to remove. SMRAM cannot be controlled by the OS Kernel or Hypervisor due to this protection any code run there is assumed to be valid and safe.

Intel says they are and have been working on a fix for this at the board level and have brought their OEM partners into work on this. According to Intel many newer boards already have protection from this type of attack.

Read more here

Old Vulnerability in Intel CPUs Shows Up again

While Rutkowska and Wojtczuk's proof of concept code is harmless, it's meant to illustrate the potential for danger if an attacker gets control of SMRAM and uploads special executable code, called shellcode, into the memory.

She said the issue has been fixed on some Intel (NASDAQ: INTC) motherboards, but older Intel boards are still open to exploitation. She also added in the report that the company is pursuing more widespread answers to the problem.

"Intel has informed us that they have been working on a solution ... for quite a while and have also engaged with OEMs/BIOS vendors to implement certain new mechanisms that are supposed to prevent the attack," Rutkowska and Wojtczuk wrote in their report. "According to Intel, many new systems are protected against the attack."

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles