Slashdot Mirror


Intel CPU Privilege Escalation Exploit

Eukariote writes "A paper and exploit code detailing a privilege escalation attack on Intel CPUs has just been published. The vulnerability, uncovered by security researchers Joanna Rutkowska (of Blue Pill fame), Rafal Wojtczuk, and, independently, Loic Duflot, makes use of Intel's System Management Mode (SMM). Quote: 'The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Rafal implemented a working exploit with code execution in SMM.' The implications of this exploit are severe."

18 of 242 comments

  1. Ouch by Big Hairy Ian · · Score: 5, Funny

    This could make the apple bricking patch look like a kindergarten party

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    1. Re:Ouch by Knara · · Score: 4, Funny

      A kindergarten party?

    2. Re:Ouch by machine321 · · Score: 5, Funny

      I was on the apple bricking patch for a while, it really helped me quit apple bricking.

  2. CD Boot by Baldrson · · Score: 4, Funny

    TFA: The malware code takes over a PC with little or no recourse to remove it.

    Haven't these guys ever booted from a CD?

    1. Re:CD Boot by CannonballHead · · Score: 5, Funny

      No, really. It takes it over! You can't even come within 5 feet of the case, the malware pushes you back!

    2. Re:CD Boot by l3ert · · Score: 2, Funny

      I'll reserve my judgement on this until I read more from someone that owns a clue.

      I assume you meant "powns a clue".

      --
      per dolorem ad astra

  3. But more importantly... by Anonymous Coward · · Score: 5, Funny

    ... Joanna Rutkowska is hot!

    1. Re:But more importantly... by Ginger Unicorn · · Score: 1, Funny

      Are you kidding? She looks like Q ;)

      --
      (1.21 gigawatts) / (88 miles per hour) = 30 757 874 newtons

    2. Re:But more importantly... by Anonymous Coward · · Score: 5, Funny

      This is an even better picture. But it's not Joanna.

    3. Re:But more importantly... by Anonymous Coward · · Score: 2, Funny

      Ahem.

      http://xkcd.com/322/

  4. Easy workaround by Anonymous Coward · · Score: 5, Funny

    Run all code on a 286 or below.

    1. Re:Easy workaround by teknopurge · · Score: 2, Funny

      Your lulz make my Sparcstation weep....

  5. Let's go retro by AlteredEgg · · Score: 2, Funny

    Wonder if this will spawn a run on Mac G5's.

  6. Re:Apple by Anonymous Coward · · Score: 2, Funny

    Does this mean Apples are vulnerable?

    No. Macs are imperious to rootkits. Now check out this super cool beta version of Safari:

  7. Re:Ring of Fire by geckipede · · Score: 2, Funny

    If you're on vulnerable hardware, once some malware that uses this trick has gained root, nothing short of physically setting fire to the motherboard will clean it. Reinstalling from scratch can't help you.

  8. Re:Ring of Fire by Barsteward · · Score: 1, Funny

    "If you are running in ring zero..."

    No-one is going to be running in my ring 0 unless they pay a million or two

    --
    "The hands that help are better far than lips that pray." - Robert Ingersoll (1833-1899)

  9. Re:Inexcusable by anss123 · · Score: 2, Funny

    Hard real time is a world in which stuff is expected to actually work every time.

    So instead of "real time kernel" it should be called "every time kernel" :-)

  10. Re:Bring back burning at the stake! by ijakings · · Score: 3, Funny

    I for one would like to welcome our new flaming devil overlords