Intel x86 processor design error open to rootkits


Intel processors from the late 90s reportedly have a hidden flaw that allows rootkits to be installed by malicious actors.

A security researcher has claimed that a design flaw in the x86 processor from 1997 has lain undiscovered until now and would allow attackers to implement a root kit in the low-level firmware that is virtually undetectable by security products, reports PC World.

The feature added to the x86 architecture in 1997 was disclosed at the Black Hat security conference by Christopher Domas from the Battelle Memorial Institute. Domas revealed that the toolkit can be successfully installed in the System Management Mode (SMM).

Once an attacker has done that, the flaw can be used to delete the UEFI (Unified Extensible Firmware Interface), the BIOS or reinfect the OS following a clean install. Domas goes on to add that starting up in Secure Boot mode won't help one jot as that relies on the SMM to run correctly.

AMD as well?

Before panic sets in, be advised that attackers need to have kernel or system privileges on the computer in question to be able to exploit the flaw. Domas also went on to claim that x86 processors made by AMD may even be affected, however, no testing has been done to indicate that as being the case.

To prevent the flaw being exploited, Intel is rolling out firmware updates for older processors and has mitigated against the issue in its latest CPUs, however, Domas claimed that not all of the older processors can even be patched.