Slashdot Mirror


Intel CPU Privilege Escalation Exploit

Eukariote writes "A paper and exploit code detailing a privilege escalation attack on Intel CPUs has just been published. The vulnerability, uncovered by security researchers Joanna Rutkowska (of Blue Pill fame), Rafal Wojtczuk, and, independently, Loic Duflot, makes use of Intel's System Management Mode (SMM). Quote: "The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Rafal implemented a working exploit with code execution in SMM." The implications of this exploit are severe."

8 of 242 comments (clear)

  1. Ouch by Big+Hairy+Ian · · Score: 5, Funny

    This could make the apple bricking patch look like a kindergarten party

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    1. Re:Ouch by Knara · · Score: 4, Funny

      A kindergarten party?

    2. Re:Ouch by machine321 · · Score: 5, Funny

      I was on the apple bricking patch for a while, it really helped me quit apple bricking.

  2. CD Boot by Baldrson · · Score: 4, Funny
    TFA: The malware code takes over a PC with little or no recourse to remove it.

    Haven't these guys ever booted from a CD?

    1. Re:CD Boot by CannonballHead · · Score: 5, Funny

      No, really. It takes it over! You can't even come within 5 feet of the case, the malware pushes you back!

  3. But more importantly... by Anonymous Coward · · Score: 5, Funny

    ... Joanna Rutkowska is hot!

    1. Re:But more importantly... by Anonymous Coward · · Score: 5, Funny

      This is an even better picture. But it's not Joanna.

  4. Easy workaround by Anonymous Coward · · Score: 5, Funny

    Run all code on a 286 or below.