Can Intel CPU Bugs Lead to Remote Code Execution Exploits?


ZDNet's ZeroDay security blog reports that software engineering and reverse engineering expert and author Kris Kapersky is ready to prove that bugs in Intel CPUs can be exploited by various types of attacks. Kapersky will be speaking at the 2008 Hack in the Box Security Conference in Kuala Lumpur, Maylasia, in October.

Kapersky's presentation (abstract available here ; it also includes a brief biography and booklist) indicates he will document his hypothesis with various proofs of concept, including JavaScript, JIT Java compilers, and TCP/IP packet storms. It's important to note that Kapersky contends that the bugs he claims are present in Intel processors are not operating-system specific.

ZeroDay says that Intel will be watching closely, and that goes for all of us in the PC business. For those of us who use AMD processors in addition to (or instead of) Intel, we're also wondering if similar vulnerabilities lurk inside AMD silicon.

Around the web

by CPMStar (Sponsored) Free to play