A security researcher has discovered a new and potentially harmful security vulnerability inside Intel processors released between 1997 and 2010.
Security researcher Chris Domas uncovered a vulnerability in the x86 architecture of pre-Sandy Bridge silicon that would allow an attacker to install software in a chip's protected System Management Mode (SMM) space, the region that controls firmware-level security. Domas has also released proof-of-concept code for the attack.
It is not known whether AMD chips are also vulnerable to this attack.
A firmware-level attack would be not only invisible to antivirus software, but also resistant to reformatting the hard drive or reinstalling the operating system.
Once a system is infected, there's not much the user can do to protect themselves beyond inspecting the firmware code for anything nefarious.
The good news is that an attacker will need to have low-level access to a PC to carry out this attack. That means either taking the hands-on approach or having to use other malware to get into the system. Physical security can help with the first method, and security software with the second.
Oh, and don't hold your breath for a patch. The idea that Intel or the motherboard vendors are going to invest time and resources into patching hardware that's at least five years old just doesn't float. On the other hand, antivirus firms will no doubt be keeping an eye out for malware that's looking to exploit this vulnerability.