Security researcher and author Kris Kaspersky plans to demonstrate how an attacker can target flaws in Intel"s microprocessors to remotely attack a computer using javascript or TCP/IP packets, regardless of what operating system the computer is running.
Kaspersky will demonstrate how such an attack can be made in a presentation at the upcoming Hack In The Box (HITB) Security Conference in Kuala Lumpur, Malaysia, during October. The proof-of-concept attacks will show how processor bugs, called errata, can be exploited using certain instruction sequences and a knowledge of how Java compilers work, allowing an attacker to take control of the compiler.
"I"m going to show real working code...and make it publicly available," Kaspersky said, adding that CPU bugs are a growing threat and malware is being written that targets these vulnerabilities.