Another day, another threat. But this time it’s pretty serious and worth taking a second look. News is that researchers at Invisible Things Lab have released paper detailing how PCs that run on Intel processors could be targeted and essentially crippled.

The attack involves Cache Poisoning in which the attacker gains access to SMM (System Management Mode) which is one of the most privileged areas of the processor to which even the OS is not granted access. Once the worm/virus is in the SMM it can wreck havoc since any code can be executed in SMM and RAM contents used by SMM can be effected too. Once you are inside SMM, you have bypassed OS kernel protection!

The report claimed that they have recorded attacks exploiting the SMM hole in Intel processors in the last 10 months and even with the release of Intel’s advanced boards like the popular DQ35, the hole has so far been unhandled putting millions of PCs worldwide at risk!

Since the problem is essentially with the firmware, which cannot just is pretty different then just updating your security shield by installing any security patch, the consequences could be disastrous.

Update 1:

For those who think putting up a large motherboard image is misleading OR to cover up the length of this release: The attack is based on CPU cache semantics exploit where the intel’s board is also vulnerable. Please read the complete paper or better should have researched before hurrying off and commenting.

Reference: