Slashdot Mirror


Researcher Exploits 18-Year-Old Design Flaw To Compromise X86 Chips

jfruh writes: Security researcher Christopher Domas has demonstrated a method of installing a rootkit in a PC's firmware that exploits a feature built into every x86 chip manufactured since 1997. The rootkit infects the processor's System Management Mode, and could be used to wipe the UEFI or even to re-infect the OS after a clean install. Protection features like Secure Boot wouldn't help, because they too rely on the SMM to be secure.

3 of 128 comments

  1. Was already known possible by Anonymous Coward · Score: 4, Informative

    http://www.infoworld.com/article/2653209/security/hackers-find-a-new-place-to-hide-rootkits.html

    We already knew this kind of thing was possible, so I guess this is just the first practical implementation? The article is short on details.

  2. Re:HA! by Anonymous Coward · Score: 5, Informative

    Doesn't matter. Any processor from Intel after 2011 no longer has the flaw...

    Old bug; Intel knew about it in 2010; they fixed it in 2011, now it's on the front page of Slashdot in 2015.

  3. Details by Anonymous Coward · Score: 5, Informative

    The article is very vague.

    They remap the LAPIC to overlap the SMM memory region which makes data loads of the SMM code fetch values from the LAPIC registers instead of from memory.
    Here you can find the slides and the whitepaper of the Black Hat conference talk.
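
A defensive check for the condition the last comment describes, as an added example that is not part of the original thread: given raw MSR values collected from a machine, it reports whether the LAPIC register page falls inside the protected SMRAM range. Using the SMRR MSRs to bound SMRAM, the function name `lapic_overlaps_smram` and the sample MSR values are assumptions, not taken from the page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* IA32_APIC_BASE (MSR 0x1B): bit 11 = APIC global enable, bits 12+ = base. */
#define APIC_ENABLE     (1ULL << 11)
#define APIC_ADDR_BITS  0x000FFFFFFFFFF000ULL
/* IA32_SMRR_PHYSBASE / PHYSMASK (MSRs 0x1F2 / 0x1F3): bits 31:12 carry the
 * base and mask, PHYSMASK bit 11 = valid. Assumed here to bound SMRAM. */
#define SMRR_VALID      (1ULL << 11)
#define SMRR_ADDR_BITS  0x00000000FFFFF000ULL

/* Hypothetical helper: true when the 4 KiB LAPIC MMIO page is mapped at an
 * address that the SMRR range also claims. */
bool lapic_overlaps_smram(uint64_t apic_base, uint64_t smrr_base,
                          uint64_t smrr_mask)
{
    if (!(apic_base & APIC_ENABLE))   /* no MMIO window when APIC is off */
        return false;
    if (!(smrr_mask & SMRR_VALID))    /* SMRR not programmed */
        return false;

    uint64_t lapic = apic_base & APIC_ADDR_BITS;
    if (lapic > 0xFFFFFFFFULL)        /* SMRR only describes memory < 4 GiB */
        return false;

    uint64_t mask = smrr_mask & SMRR_ADDR_BITS;
    uint64_t base = smrr_base & SMRR_ADDR_BITS;
    /* Both ranges are 4 KiB aligned, so the page either matches or not. */
    return (lapic & mask) == (base & mask);
}

int main(void)
{
    /* Constructed sample values: 16 MiB of SMRAM at 0x7F000000. */
    uint64_t smrr_base = 0x7F000006ULL, smrr_mask = 0xFF000800ULL;
    uint64_t samples[] = { 0xFEE00900ULL,   /* architectural default */
                           0x7F000900ULL }; /* relocated onto SMRAM  */
    for (int i = 0; i < 2; i++)
        printf("IA32_APIC_BASE=%#llx -> %s\n",
               (unsigned long long)samples[i],
               lapic_overlaps_smram(samples[i], smrr_base, smrr_mask)
                   ? "OVERLAPS SMRAM" : "ok");
    return 0;
}
```
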