Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 28th, 2008

Intel Update For BIOS Protects From Privilege Escalation Vulnerability Discovered By Rutkowska

Intel has shipped a BIOS update with a fix for a privilege escalation vulnerability that was discussed by Rutkowska at the Black Hat briefings earlier this month but details on the exploit were withheld until Intel could release its patch.

The patch is rated important and is available to download. According to Intel’s advisory,  software running administrative (ring 0) privilege can under certain circumstances change code running in System Management Mode.

The update would prevent a malicious user from modifying software that is run in System Management Mode (SMM). SMM is a privileged operating environment running outside of OS control. Malicious software running in this environment could therefore perform any number of operations. Administrative level privileges are required to exploit this issue. BIOS updates to correct this issue are available for all affected Intel branded motherboards.

In case of Linux systems, the Ring 0 access is not strictly required to perform the attack, as it’s just enough for the attacker to get access to the PCI config space of the device 0:0:0, which e.g. on Linux can be granted to usermode applications via the iopl() system call.

Affected Intel motherboards: DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, DX38BT and MGM965TW (Mobile).

In its advisory, Intel provides a  walk-through to help identify systems at risk and detailed  instructions on updating your BIOS.

Share this item with others:

More on CyberInsecure:
  • Remote Code Execution Through Intel CPU Vulnerability Will Be Presented In Hack In The Box Security Conference
  • New BIOS Attack Might Allow Malware Survive Hard-disk Format And BIOS Reflashing
  • Intel Patches Critical Security Bug In vPro Processors
  • avast! Home And Professional aavmker4.sys Privilege Escalation
  • Six Security Vulnerabilities Updated By Adobe In Flash Player 9

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Intel Update For BIOS Protects From Privilege Escalation Vulnerability Discovered By Rutkowska

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.