Intel Update For BIOS Protects From Privilege Escalation Vulnerability Discovered By Rutkowska
Intel has shipped a BIOS update with a fix for a privilege escalation vulnerability that Rutkowska discussed at the Black Hat briefings earlier this month; details of the exploit were withheld until Intel could release its patch.
The patch is rated important and is available to download. According to Intel’s advisory, software running with administrative (ring 0) privilege can, under certain circumstances, change code running in System Management Mode.
The update would prevent a malicious user from modifying software that is run in System Management Mode (SMM). SMM is a privileged operating environment running outside of OS control. Malicious software running in this environment could therefore perform any number of operations. Administrative level privileges are required to exploit this issue. BIOS updates to correct this issue are available for all affected Intel branded motherboards.
In the case of Linux systems, ring 0 access is not strictly required to perform the attack: it is enough for the attacker to get access to the PCI config space of device 0:0:0, which on Linux, for example, can be granted to usermode applications via the iopl() system call.
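Because the Linux path runs through iopl(), successful calls to it (and to the related ioperm()) by unexpected programs are worth alerting on. The following is an added example, not part of the original article or Intel's advisory: it scans auditd SYSCALL records for such calls. It assumes an audit rule already logs these syscalls; the allowlist and the sample records are constructed.

```python
import re

# Syscall numbers keyed by auditd arch value (c000003e = x86_64, 40000003 = i386).
PORT_IO_SYSCALLS = {
    "c000003e": {172: "iopl", 173: "ioperm"},
    "40000003": {110: "iopl", 101: "ioperm"},
}
# Hypothetical allowlist of executables expected to raise their I/O privilege.
ALLOWED_EXES = {"/usr/lib/xorg/Xorg"}

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_record(line):
    """Turn one auditd record into a dict of its key=value fields."""
    return {k: v.strip('"') for k, v in FIELD_RE.findall(line)}

def find_port_io_grants(lines, allowed=ALLOWED_EXES):
    """Return successful iopl/ioperm calls made by executables not on the allowlist."""
    hits = []
    for line in lines:
        rec = parse_record(line)
        if rec.get("type") != "SYSCALL" or rec.get("success") != "yes":
            continue  # failed calls (e.g. missing CAP_SYS_RAWIO) granted nothing
        try:
            number = int(rec.get("syscall", ""))
        except ValueError:
            continue
        # The same number means different syscalls per arch, so look up by arch first.
        name = PORT_IO_SYSCALLS.get(rec.get("arch", ""), {}).get(number)
        if name and rec.get("exe") not in allowed:
            hits.append({"syscall": name, "exe": rec.get("exe"),
                         "pid": rec.get("pid"), "uid": rec.get("uid")})
    return hits

# Constructed sample records (not captured from a real system).
SAMPLE_LOG = [
    'type=SYSCALL msg=audit(1219900000.101:410): arch=c000003e syscall=172 success=yes exit=0 pid=2211 uid=0 comm="Xorg" exe="/usr/lib/xorg/Xorg"',
    'type=SYSCALL msg=audit(1219900050.330:422): arch=c000003e syscall=172 success=yes exit=0 pid=2302 uid=0 comm="a.out" exe="/home/alice/a.out"',
    'type=SYSCALL msg=audit(1219900061.008:425): arch=c000003e syscall=173 success=no exit=-1 pid=2310 uid=1000 comm="b.out" exe="/home/alice/b.out"',
    'type=SYSCALL msg=audit(1219900070.512:431): arch=c000003e syscall=2 success=yes exit=3 pid=2315 uid=1000 comm="cat" exe="/bin/cat"',
    'type=SYSCALL msg=audit(1219900090.700:440): arch=40000003 syscall=110 success=yes exit=0 pid=2400 uid=0 comm="porttool" exe="/opt/diag/porttool"',
]

if __name__ == "__main__":
    for hit in find_port_io_grants(SAMPLE_LOG):
        print(hit)
```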
Affected Intel motherboards: DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, DX38BT and MGM965TW (Mobile).
In its advisory, Intel provides a walk-through to help identify systems at risk and detailed instructions on updating your BIOS.