ACM News Service

ACM TechNews

Researcher to Demonstrate Attack Code for Intel Chips
IDG News Service (07/14/08) Lemon, Sumner
A security researcher at this year's Hack In The Box (HITB) Security Conference in Kuala Lumpur, Malaysia, will demonstrate how to attack a computer through vulnerabilities in Intel's microprocessors. Kris Kaspersky plans to show attendees of the October conference how processor bugs, or errata, can be manipulated to give an attacker full access on the kernel level or even take down a system. The risk from these kinds of attacks is rising, and processors may carry hundreds of millions of errata without ever being aware of their existence. "It's possible to fix most of the bugs, and Intel provides workarounds to the major BIOS vendors," Kaspersky states. "However, not every vendor uses it and some bugs have no workarounds." Kaspersky's proof-of-concept attack will take place on a spectrum of operating systems that use JavaScript or TCP/IP packets. These systems include Windows XP, Vista, Windows Server 2003, Windows Server 2008, Linux, and BSD.

full paper
© Copyright 2008 Information, Inc. This service may be reproduced for internal distribution.