Threat Management, Vulnerability Management

Black Hat 2015: Zero-Day found in old Intel Chips

A researcher discovered a zero-day vulnerability inside Intel processors released between 1997 and 2010 that allows attackers to install deeply persistent rootkits, hardware modifications and system destruction, according to a release.

Christopher Domas, a security researcher with the Battelle Memorial Institute, disclosed the vulnerability in the x86 processor architecture last Thursday at Black Hat USA 2015 in Las Vegas.

The vulnerability can be used by an attacker to install malicious software in a chip's protected System Management Mode (SMM) space and erase the firmware, according to PCWorld. This could allow an attacker to install malware that is resistant to hard drive sweeps and can reinfect a victim's device even after clean installs.

An attacker needs kernel or system privileges on the victim's computer in order to carry out the assault.

Domas told the conference audience that it's possible that AMD chips are also vulnerable.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.