DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 15, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 210 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

CPU attack could let malware circumvent OS security measures

Posted on Wednesday, October 19 2016 @ 16:14:34 CEST by


Intel logo
Security researchers discovered a flaw in Intel's processors that makes it possible to circumvent address space layout randomization (ASLR), a security feature found in many operating systems, including Windows, Linux and OS X.

ASLR does what it name suggests, it randomizes the location in your PC's memory where software loads specific lines of code. This aids to limit the damage of exploits, often resulting in just a system crash rather than a full system compromise.

Unfortunately, the researchers discovered that Intel's Haswell processor has a side channel flaw in its branch predictor that discloses the memory locations. This branch predictor boosts performance by anticipating the addresses where soon-to-be-executed instructions are located. The attack works by exploiting collisions in the branch target buffer table to discover where the software loads specific chunks of code.

As reported by ARS Technica, malware creators could abuse this flaw to make attacks more potent:
Nothing's stopping malicious attackers from bundling a similar bypass app with attack code that exploits a critical OS or application vulnerability. The exploit could then use the disclosed memory location to ensure malicious payloads are successfully executed by a targeted computer, instead of being flushed without ever being run, as is normally the case when ASLR is active. The researchers believe that ASLR implemented by both Microsoft Windows and Apple's OS X is similarly vulnerable. They have yet to perform research on other chip architectures to see if they also contain side channels that defeat ASLR.
Attacks based on this method work on multiple operating systems and also work across virtualization boundaries. While the paper provided proof-of-concept using the Intel Core i7-4800MQ processor, it's unknown if other Intel CPU generations or perhaps even AMD processors are vulnerable.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba