DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
July 21, 2019 

CPU attack could let malware circumvent OS security measures

Posted on Wednesday, October 19 2016 @ 16:14:34 CEST by

Security researchers discovered a flaw in Intel's processors that makes it possible to circumvent address space layout randomization (ASLR), a security feature found in many operating systems, including Windows, Linux and OS X.

ASLR does what its name suggests: it randomizes the locations in your PC's memory where software loads specific chunks of code. This helps limit the damage of exploits, often resulting in just a system crash rather than a full system compromise.

Unfortunately, the researchers discovered that Intel's Haswell processor has a side channel flaw in its branch predictor that discloses the memory locations. This branch predictor boosts performance by anticipating the addresses where soon-to-be-executed instructions are located. The attack works by exploiting collisions in the branch target buffer table to discover where the software loads specific chunks of code.

As reported by Ars Technica, malware creators could abuse this flaw to make attacks more potent:
"Nothing's stopping malicious attackers from bundling a similar bypass app with attack code that exploits a critical OS or application vulnerability. The exploit could then use the disclosed memory location to ensure malicious payloads are successfully executed by a targeted computer, instead of being flushed without ever being run, as is normally the case when ASLR is active. The researchers believe that ASLR implemented by both Microsoft Windows and Apple's OS X is similarly vulnerable. They have yet to perform research on other chip architectures to see if they also contain side channels that defeat ASLR."
Attacks based on this method work on multiple operating systems and also across virtualization boundaries. While the paper provided a proof of concept using the Intel Core i7-4800MQ processor, it's unknown whether other Intel CPU generations or perhaps even AMD processors are vulnerable.


