DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
January 23, 2018 
Main Menu
News archives

Who's Online
There are currently 456 people online.


Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller

Follow us

Bug in Intel CPUs can be exploited by rootkits

Posted on Friday, March 20 2009 @ 16:34:09 CET by

Security researcher Joanna Rutkowska and fellow researchers warn for a vulnerability in Intel's processors that enables criminals to read or write into the otherwise protected SMRAM memory of your processor. By exploiting this flaw, malware makers could create rootkits that are incredibly difficult to detect:
SMRAM means System Management Mode memory, and according to NetworkWorld blogger Jamey Heary, a rootkit running there would be incredibly difficult to detect. Naturally, such a rootkit could also conceal any number of trojans, viruses, and miscellaneous malware apps running on an infected system. Here's a snip from Heary's blog post:

The heart-stopping thing about this particular exploit is that it hides itself in the SMM space. To put that into perspective, SMM is more privileged than a hypervisor is and it's not controllable by any Operating System. By design, the operating system cannot override or disable System Management Interupt (SMI) calls. In practice, the only way for you to know what is running in SMM space is to physically disassemble the firmware of your computer. So, given that an SMI takes precedence over any OS call, the OS cannot control or read SMM, and the only way to read SMM is to disassemble the system makes an SMM rootkit incredibly stealthy!
Rutkowska published a paper and proof-of-concept code but notes she wasn't the first to find the bug. Intel employees found the vulnerability in late 2005 but the problem hasn't been fixed yet.

Source: The Tech Report



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba