Researchers expose potential exploit of Intel CPUs

Security researchers have published information and exploit code on how a flaw in Intel CPUs could potentially be exploited for malicious purposes.

Rafal Wojtczuk and Joanna Rutkowska of Invisible Things Lab published information on how Intel CPU cache poisoning on the x86 architecture could be exploited to take advantage of System Management Mode (SMM).

They said that they have found two working exploits. One dumps the content of SMRAM, a specially protected region of system memory where the SMM code lives. The other is for arbitrary code execution in SMRAM.

The paper states: "This is the third attack on SMM memory our team has found within the last 10 months, affecting Intel-based systems.

"It seems that current state of firmware security, even in the case of such reputable vendors as Intel, is quite unsatisfying."

According to the report, French researcher Loic Duflot discovered the same attack in October 2008. He reported the issue directly to Intel, which has been preparing a workaround.

Wojtczuk and Rutkowska said that, a few years ago, Intel employees identified the cache poisoning that is at the root of the problem.

Intel informed the researchers that it had been working for a while on a solution to prevent caching attacks on SMM memory, and that it had also engaged with OEMs and BIOS vendors to prevent the attack.

"According to Intel, many new systems are protected against the attack," the researchers said.

"We have found out however, that some of the Intel's recent motherboards, like the popular DQ35, are still vulnerable to the attack."