1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Serious Intel CPU security exploit spotted in old x86 chips

Discussion in 'News & Current Events' started by IceMan37, Sep 6, 2015.

  1. IceMan37

    IceMan37 Banned

    Joined:
    Apr 24, 2014
    Messages:
    1,079
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    MSI Z87M-G43
    CPU:
    I5 4690k @ 4.6
    Memory:
    16GB Hyper X 1866
    Hard Drive:
    1TB WD_Blue | 240Gb Sandosk SSD
    Graphics Card:
    eVGA GTX 970 FTW
    Power Supply:
    750W Tt
    Firmware-level security threat warning
    By Dave Neal
    Mon Aug 10 2015, 14:43



    dd00d861ac74812bbddd35c2dce56d29.jpg INTEL'S FIRMWARE HAS HAD ITS CHIPS and is open to a serious CPU security exploit that puts users at risk, according to a security researcher.

    Technology is always putting people at risk. It has more backdoors than an illegal drinking den, and more criminals in its postcode than a prison. We are always shining the black light of vulnerability on one firm or another, and today it is Intel's turn.

    Christopher Domas is the security researcher, and he presented his findings at the Black Hat conference last week and released them in a detailed and explanatory document.

    Domas is a lecturer on computer science and engineering at Ohio State University and part of the local non-profit Battelle, a science and technology institute.

    His research paper, entitled The Memory Sinkhole (PDF), shows that it's possible to exploit old hardware and x86 architecture to such an extent that a hacker could take remote control of a system.

    This should never be considered a good thing, and the presentation at the show has led to a number of concerned glances in the direction of the Intel architecture.

    Shock and awe is guaranteed by the suggestion that the vulnerability has existed for almost two decades and that Domas is able to demonstrate a proof-of-concept exploit.

    Battelle said in the run up to the security conference that the Intel x86 architecture is a venerable piece of technology that has become something of a software portmanteau with patchy protection.

    "The architecture has heaped layers upon layers of protections, but 40 years of x86 evolution have left a labyrinth of forgotten backdoors into the ultra-privileged modes," the organisation said.

    "Lost in this byzantine maze of decades-old architecture improvements and patches, there lies a design flaw that's gone unnoticed for 20 years. In one of the most bizarre and complex vulnerabilities we've ever seen, we'll release proof-of-concept code exploiting the vast, unexplored wasteland of forgotten x86 features to demonstrate how to jump malicious code from the paltry ring 0 into the deepest, darkest realms of the processor."

    A zero-day exploit exists, according to the researcher, and needs addressing. We have asked Intel for comment on the findings, but so far it has not responded. Reports have it that the firm is working on a solution.


    Source -- TheInquirer.net
     
    IceMan37, Sep 6, 2015
    #1

Share This Page