The Inquirer-Home

Intel CPU flaw is vulnerable to hacker attacks

Updated: Allows execution of malicious code to gain control of 64-bit Windows OS
Mon Jun 18 2012, 12:16

INTEL 64-BIT CHIPS are considered vulnerable to malware attacks, as a flaw has been discovered by the US Computer Emergency Readiness Team (US-CERT).

Security firm Bitdefender highlighted discovery of the threat, which is due to the way Intel implemented the SYSRET instruction in its x86-64 extension.

Hackers could exploit the flaw to execute malicious code with kernel privileges, gaining control of Windows and other operating systems, said a report in the Bitdefender blog.

"Some 64-bit operating systems and virtualisation software running on Intel CPU hardware are vulnerable to a local privilege escalation attack," the US-CERT disclosed in a security advisory released late last week. "The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape."

Bitdefender said that several x86-64 based operating systems, such as Windows 7, Windows Server 2008 R2, 64-bit FreeBSD and 64-bit NetBSD, as well as operating systems that include the Xen hypervisor, are exposed to the flaw.

However, it said that while 32-bit operating systems are safe, "Intel CPUs that use the Intel 64 extension need the security patches released by Microsoft in their MS12-042 security bulletin."

Bitdefender advised that AMD chip users don't have to worry about the 'privilege escalation exposure' alert issued by US-CERT, because the SYSRET instruction is handled differently on AMD CPUs.

Update
Subsequent to posting this article, we heard back from Intel. It said,

"[The] main point is that this is a software implementation issue and that our processors function as per specifications as documented in our Intel 64 Software Developers Manual."

When asked why this issue occurs in Intel processors and not AMD, Intel replied,

"Intel and AMD processors handle a General Protection Fault in different privilege levels during execution of a SYSRET instruction with a non-canonical return address. The Xen software incorrectly assumes that the Intel processor functions the same as AMD and doesn't handle this difference correctly." µ

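One way system software can account for the behaviour Intel describes, shown as an added example that is not from the article, Intel, or any vendor's patch: check that the return address is canonical before using SYSRET, and fall back to IRET otherwise. The 48-bit address width, `struct user_frame` and the function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: 48-bit virtual addresses, so bits 63..47 must all be equal. */
#define VA_BITS 48

enum ret_path { RET_SYSRET, RET_IRET };

/* Hypothetical saved user-mode context; names are illustrative only. */
struct user_frame {
    uint64_t rip; /* address user code should resume at */
    uint64_t rcx; /* SYSRET loads RIP from RCX */
};

static bool is_canonical(uint64_t addr)
{
    uint64_t top = addr >> (VA_BITS - 1);             /* bits 63..47 */
    uint64_t ones = (1ULL << (64 - VA_BITS + 1)) - 1; /* 17 one-bits */
    return top == 0 || top == ones;
}

/* Use SYSRET only when it cannot fault on the return address. */
static enum ret_path choose_return_path(const struct user_frame *f)
{
    if (f->rcx != f->rip)       /* SYSRET would resume at the wrong place */
        return RET_IRET;
    if (!is_canonical(f->rcx))  /* SYSRET would raise #GP on this address */
        return RET_IRET;
    return RET_SYSRET;
}

int main(void)
{
    /* Constructed sample frames, not taken from any real system. */
    struct user_frame samples[] = {
        { 0x0000000000400000ULL, 0x0000000000400000ULL },
        { 0x00007FFFFFFFFFFFULL, 0x00007FFFFFFFFFFFULL },
        { 0x0000800000000000ULL, 0x0000800000000000ULL },
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("rip=%#018llx -> %s\n", (unsigned long long)samples[i].rip,
               choose_return_path(&samples[i]) == RET_SYSRET ? "SYSRET" : "IRET");
    return 0;
}
```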
 
