Intel motherboards suffer Bios flaws

Intel has warned that a number of its desktop and server motherboards have Basic Input Output Software (Bios) security issues.

The chip company released Bios updates on Wednesday, and wrote in an in an advisory that certain models of its motherboards have privilege escalation flaws.

The vulnerabilities could allow an attacker who has gained administrative privileges to change code running in system-management mode, a privileged environment that runs outside of operating system control.

"Malicious software running in this environment could therefore perform any number of operations," Intel said in its advisory.

The hardware maker said it was not aware of the flaws being exploited, but recommended that administrators apply the Bios updates.

The affected desktop motherboards are: D5400XS, DX58SO, DX48BT2, DX38BT, DP45SG, DQ45CB, DQ45EK, DQ43AP, DB43LD, DG41MJ, DG41RQ, DG41TY, DG45ID, DG45FC, DG43NB, DP43TF, DQ35JO, DQ35MP, DG33BU, DG33FB, DG33TL, DP35DP, D945GSEJT, D945GCLF and D945GCLF2.

The affected server boards are the S3000, S3200, S5000, S5400 and S5500 series.

The flaw was uncovered by Alexander Tereshkin, Rafal Wojtczuk and Joanna Rutkowska, researchers from Invisible Things Lab. Last year, Rutkovska presented a high-privilege rootkit problem in Xen hypervisor which led to Intel putting out a Bios update.

In addition, Intel's first 34nm SSD was hit by a Bios flaw shortly after being released last week.