Printed from http://www.electronista.com

Exploit could attack systems via Intel chips

updated 02:45 pm EDT, Thu March 19, 2009

Intel SMM Security Exploit

Joanna Rutkowska of Invisible Things Lab today posted details of a security exploit that could compromise many systems using Intel processors. The techinque involves "poisoning" a given chip's cache memory and forcing access to System Management Mode (SMM), which addresses errors, power management and other features outside of normal processor use. A successful attack would let the attacker either dump the contents of RAM used for SMM so that it can be more easily compromised or else to run arbitrary code from the memory.

Intel notes that some of its platforms should already be immune against the exploit, though some relatively recent self-produced mainboards like the DQ35 still open the door to potential attacks. The company is reportedly developing fixes for at least some systems.

It's unclear whether such security breaches are applicable to any operating system, though the nature of the discovery is theoretically independent of software. More details should be available following a presentation at CanSecWest today.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. bigjimid

    Fresh-Faced Recruit

    Joined: Feb 2009

    0

    Intel chips?

    I wonder why only Intel chips are effected from this "poisoning", and not others.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    Re: Intel chips

    Probably because of the underlying software on the chip, such that 'poisoning' the cache kicks in some code that then allows the access.

    Just like how abnormal use of an API or program could cause an OS to run code it shouldn't, or elevate permissions for a process which shouldn't be elevated.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a fort ...

Sponsor

toggle

Most Commented

 
toggle

Popular News