Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intel CPU Privilege Escalation Exploit

Posted by timothy on from the they-never-offer-the-purple-pill dept.

Eukariote writes "A paper and exploit code detailing a privilege escalation attack on Intel CPUs has just been published. The vulnerability, uncovered by security researchers Joanna Rutkowska (of Blue Pill fame), Rafal Wojtczuk, and, independently, Loic Duflot, makes use of Intel's System Management Mode (SMM). Quote: "The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Rafal implemented a working exploit with code execution in SMM." The implications of this exploit are severe."

2 of 242 comments (clear)

  1. Re:Doesn't seem that scary by sjames · · Score: 5, Insightful

    It's much worse, when combined with a firmware re-write, it will survive a complete re-install and cannot be detected by a security scan booted from CDROM.

  2. Re:CD Boot by antifoidulus · · Score: 5, Insightful

    While you succeed at being snarky, you fail at being correct.

    Dude, I think you came up with a new motto for slashdot!

    --
    Monstar L