A security researcher has revealed that old Intel processors based on the x86 architecture contain a serious vulnerability which has gone unnoticed for nearly twenty years, and the only fix against it for most users is to upgrade to a newer chip.
According to Christopher Domas, who presented a white paper about the vulnerability at the Black Hat Conference, pre-2010 Intel processors and quite possibly AMD processors have a design flaw which could allow attackers to install rootkits in the chip's protected space known as System Management Mode (SMM).
The rootkit can further be utilized to wreak havoc on the system in various forms such as wiping the BIOS or installing persistent malware that reinstalls itself similar to that demonstrated on the Mac recently. Domas has revealed a proof of concept code for installing such a rootkit in his white paper. Intel is reportedly aware of the situation and has released firmware updates for few chips, but still a large number are likely to remain unprotected as firmware updates are often ignored by regular users.
Although Domas hasn't explicitly carried out any tests with AMD chips, he believes that they could also be affected since they are also built on the x86 architecture. Users who haven't received any firmware upgrades for their ageing PCs should consider upgrading in the near future.
48 Comments - Add comment