CPU poisoning affects Intel systems

Researchers at Invisible Things Lab presented information at the CanSecWest conference on Thursday in Vancouver about a security exploit that could comprise computers running on Intel processors. The exploit involves the poisoning of of the cache of a CPU operating in System Management Mode (SMM). They also noted that this was the third such types of security exploits that the team had found affecting Intel based computers in the last ten months.

The SMM exploit works by poisoning the chip’s cache memory which would allow for forced access to SMM, one of the most privileged CPU modes on x86 architectures. Even operating systems can’t access SMM – the mode that handles certain errors, power management and other features.

The potential consequence of attacks on SMM might include SMM rootkits, hypervisor compromises, or OS kernel protection bypassing, they said.

Intel has been working on a solution to prevent caching attacks on SMM memory, and a spokesperson has said that many new systems are protected against the exploit. But, writing in their paper, Rutkowska and Wojtczuk said: “Some of Intel’s recent motherboards, like the popular DQ35, are still vulnerable to the attack. Additionally, the workarounds that Intel has mentioned to us are not yet officially documented.”

Source: SC Magazine – Intel CPU exploit threatens PCs worldwide

Time to bloated Norton solution in 3 …. 2 …. 1…..

Comments