Attacking SMM Memory via Intel® CPU Cache Poisoning

Posted by bob on Mar 19, 2009 1:21 PM EDT
Invisible Things Lab; By Joanna Rutkowska
Mail this story
Print this story

A paper with code has been released outlining an "invisible exploit" involving Intel SMM cpu cache poisoning. Intel has not yet commented.

As promised, the paper and the proof of concept code has just been posted on the ITL website here.

A quote from the paper:

In this paper we have described practical exploitation of the CPU cache poisoning in order to read or write into (otherwise protected) SMRAM memory. We have implemented two working exploits: one for dumping the content of SMRAM and the other one for arbitrary code execution in SMRAM. This is the third attack on SMM memory our team has found within the last 10 months, affecting Intel-based systems. It seems that current state of firmware security, even in case of such reputable vendors as Intel, is quite unsatisfying.

Full Story

  Nav
» Read more about: Story Type: Security; Groups: Intel

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.