Attacks On Intel's System Management Mode


Recommended Posts

Attacks on Intel's System Management Mode

Joanna Rutkowska and Loic Duflot have simultaneously disclosed details of vulnerabilities in Intel's caching mechanisms, which permit the injection of code into the System Management Mode and ultimately the placing of a virtually invisible rootkit.

"System Management Mode (SMM) is a relatively obscure mode on Intel processors used for low-level hardware control", explain Embleton, Sparks and Zou in a paper on SMM rootkits that's well worth reading. "It has its own private memory space [sMRAM], and execution environment which is generally invisible to code running outside [it.]" By poisoning the cache of the CPU, Rutkowska can successfully inject her own code, which then runs with maximum privileges, while remaining invisible to the operating system and applications.

http://www.h-online.com/security/Attacks-o...e--/news/112903

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...