Theoretical Chip Flaw could Theoretically Poison Most Intel CPUs. Theoretically Speaking


Ack! Your smokin' fast Core 2 Quad processor and other Intel chips may suffer from what security experts call "CPU cache poisoning." Sounds nasty, and according to Joanna Rutkowska, who discovered the security flaw, it is.

"In this paper we have described practical exploitation of the CPU cache poisoning," Joanna Rutkowska and Rafal Wojtczuk wrote in an abstract paper (PDF). "This is the third attack on SMM (system management mode) memory our team has found within the last 10 months, affecting Intel-based systems. It seems that the current state of firmware security, even in case of such reputable vendors as Intel, is quite unsatisfying."

Rutkowska and Wojtczuk go on to discuss proof-of-concept code for arbitrary SMM code execution, which could (theoretically) lead to abuses of the super-privileged SMM mode and embedding SMM rootkits. Doing so would (again theoretically) give hackers control over the affected PC. Worse yet, according to Jamey Heary, a consulting systems engineer for Cisco Systems, the hack would be "virtually undetectable."

So what does Intel have to say? "We are working with these researchers. We take this research and all reports seriously. Currently as far as we know, there are no known exploits in the wild," Intel spokesman George Alfs said in a written statement.

Get the full scoop here, then hit the jump and tell us what you think.
