The heart-stopping thing about this particular exploit is that it hides itself in the SMM space. To put that into perspective, SMM is more privileged than a hypervisor is, and it's not controllable by any Operating System. By design, the operating system cannot override or disable System Management Interrupt (SMI) calls. In practice, the only way for you to know what is running in SMM space is to physically disassemble the firmware of your computer. So, given that an SMI takes precedence over any OS call, that the OS cannot control or read SMM, and that the only way to read SMM is to disassemble the system, an SMM rootkit is incredibly stealthy!
There is paranoia here. It may provide new methods of attack, but the code still has to reside in a file, and it can, in theory, be detected there by anti-virus software.
Also, it sounds like it should be possible to disable this attack vector by disabling caching (but that would hit performance). However, this is not supported by every BIOS.
Kaled.