SoylentNews is people
SoylentNews
El Reg published an article about a security flaw introduced by Intel starting with its Pentium Pro line of processors--and left in place for fifteen years, fixing it only in 2011--and also comes with instructions on how to exploit it. So, if you have any pre-2011 processor running some important machine, perhaps you should be thinking of an upgrade after you finish reading the article.
From the article:
It allows smart hackers to run rootkit code at the very lowest level on the computer, out of reach of the operating system, its applications, and even the hypervisor. This means the rootkit can, among other things, silently monitor and record the user's every keypress, mouse click, and download.
Efforts to detect the rootkit and eradicate it from a computer can be blocked, or hampered, by the malware itself. A nightmare, in other words.
The good news is that Intel spotted the howler in its processor blueprints, and corrected the issue: chips built from January 2011 and onwards (Sandy Bridge Core CPUs and later) are not affected. Also, operating systems can mitigate against the security hole at the hypervisor level, thus protecting themselves from miscreants exploiting the design flaw...
This kind of thing makes me want to go back to using a pocket calculator.
(Score: 3, Interesting) by caseih on Wednesday August 12 2015, @01:13AM
Doesn't Intel have microcode updates to fix things like this? When Linux distros say on boot, "applying microcode update" what is that referring to?
(Score: 1, Funny) by Anonymous Coward on Wednesday August 12 2015, @01:30AM
Tux is pissing on your CPU to mark his territory for Linux world domination, obviously.
(Score: 0) by Anonymous Coward on Wednesday August 12 2015, @09:25AM
This reminds me of updating the boot record [24b6.net] on my old ppc macs!
(Score: 0) by Anonymous Coward on Wednesday August 12 2015, @03:12AM
Note the term "blueprints". This was a physical problem. Good luck patching a processor itself.
(Score: 0) by Anonymous Coward on Wednesday August 12 2015, @05:30AM
Because it's obviously impossible to make software drive hardware... that's why we use fully mechanical computers by Babbage.
(Score: 2) by maxwell demon on Wednesday August 12 2015, @06:15AM
The attack requires to run a specific instruction (wrmsr) to be run with a parameter in a specific range (the memory range reserved for SMM). So the microcode could just look for that instruction/parameter and prevent its execution.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by morgauxo on Wednesday August 12 2015, @03:50PM
If they did then why would they. It's just coming to light now. 2011 is long enough ago the press they will receive will not be damaging to their sales. Meanwhile the bug is a reason why people who are holding on to older hardware that is otherwise 'good enough' for their needs to shell out more money to buy new. This is a win for Intel!