Thursday, June 21, 2018
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Micron Had a Record Quarter in Terms of Revenue and Profitability
Bose Noise-Masking Sleepbuds Will Help You Sleep
Intel to Bring Silicon-Based Security to AI and Blockchain Workloads
Microsoft to Buy Bonsai to Build 'Brains' for Autonomous Systems
Instagram Unveils 10-Minute Videos, Reaches 1 Billion Monthly Users
Foxconn to Further Expand in the U.S. Market Though Vizio
Microsoft Releases Microsoft News App For Windows 10, iOS and Android
Galaxy S9 and S9+ Sunrise Gold Available in the U.S.
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > PC Parts > Researc...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, July 17, 2008
Researcher to Showcase Remote Code Execution On Intel CPUs


A researcher will demonstrate the exploitable bugs of Intel's CPUs by attacking both locally and remotely, regardless of the patches applied or operating system.

Researcher and technical writer Kris Kaspersky will actually showcase how such an attack can be made in a presentation at the upcoming Hack In The Box (HITB) Security Conference in Kuala Lumpur, Malaysia, 27th -30th October.

According to the Intel Specification Updates, Intel Core 2 has 128 confirmed bugs. Intel Itanium (designed for critical systems) is carrying over 230 bugs. They have all been confirmed by Intel and described in errata section of their specification updates. Some bugs "just" crash the system (under quite rare conditions) while the others give the attackers full control over the machine. "In other words, Intel CPUs have exploitable bugs which are vulnerable to both local and remote attacks which works against any OS regardless of the patches applied or the applications which are running," Kaspersky says.

Although CPU bugs are not something new in the security industry, nobody has come out with any proof-of-concept exploits and as it stands, there are no known malware that take advantage of these bugs, although some malware writers have actually used CPU bugs for targeted attacks.

"It is just a matter of time before we start seeing these sort of attacks used in more devastating ways over the Internet. Intel has provided workarounds to major BIOS vendors for some of these bugs, but who knows which vendor actually uses them " End-users are in the dark as to how to check if they are secure or not. Intel doesn't provide any test program for this and the worst thing is - some bugs are still not fixed. In other words, Intel has no workaround for it."

In this presentation, Kaspersky will share with the participants the finding of his CPU malware detection research which was funded by Endeavor Security. He will also present to the participants his improved POC code and will show participants how it's possible to make an attack via JavaScript code or just TCP/IP packets storms against Intel based machine. Some of the bugs that will be shown are exploitable via common instruction sequences and by knowing the mechanics behind certain JIT Java-compilers, attackers can force the compiler to do what they want (for example: short nested loops lead to system crashes on many CPUs). He also said that we would share with the participants his experience in data recovery and how CPU bugs have actually contributed in damaging our hard drives without our knowledge.


Previous
Next
Sony and Microsoft Launch "My Graphic Splash" PC Contest        All News        Sony BDP-S350 Retails in the US
Sony and Microsoft Launch "My Graphic Splash" PC Contest     PC Parts News      SuperTalent Pico Series USB Flash drives

Get RSS feed Easy Print E-Mail this Message

Related News
Intel to Bring Silicon-Based Security to AI and Blockchain Workloads
Nvidia Uses AI to Produce High-quality, 240fps Slow-motion Video From 30fps Source
IBM's AI Machine Learns to Debate Humans
Google Uses Deep Learning to Predict When a Patient Will Die
Intel to Showcase AI and HPC Demos at ISC
Deep Mind's Neural Scene Rendering System Predicts 3D Surroundings Using Its Own Sensors
New IPhones to Have Intel's 5G Modems Inside
Samsung Launches Fund to Invest in AI Startups
'Lazy State' CPU Security Hole Unveiled by Intel
Computex: Intel Introduces First 5.0 GHz Processor, 28-core CPU, 5G PCs, Fastest Ever Intel Optane SSD for Mobile
Hot Chips Symposium: Nvidia's Next Generation GPU, Intel Xeon Cascade Lake Processors and More
Intel Introduces the Optane DC Persistent Memory for Data Centers

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -
Privacy policy - Contact Us .