Kris Kaspersky, author of numerous books on reverse engineering and software engineering, will be presenting his research on remote code execution through Intel CPU bugs at the upcoming Hack in the Box Security Conference in Malaysia.
Kris Kaspersky, author of numerous books on reverse engineering and software engineering, will be presenting his
"George Alfs, a spokesman for Intel, said he has not yet seen Kaspersky's research, nor has he spoken to him about it. "We have evaluation teams always looking at issues. We'll certainly take a look at this one," said Alfs. "All chips have errata, and there could be an issue that needs to be checked. Possibly. We'd have to investigate his paper."
BIOS based rootkits are nothing new with John Heasman's research into Implementing and Detecting a PCI Rootkit, published in 2006. And with the possibility of malware hiding at the lowest possible level already a fact, what will be very interesting to monitor is a universal remote code execution based on chip's manufacturer. Everything is possible, the impossible just takes a little longer.