By Adrian Kingsley-Hughes August 10, 2015
Security researcher Chris Domas uncovered a vulnerability in the x86 architecture of pre-Sandy Bridge silicon that would allow an attacker to install software in a chip's protected System Management Mode space, which is what controls firmware-level security. Domas has also released proof-of-concept code for the attack.
It is not known whether AMD chips are also vulnerable to this attack.
A firmware-level attack would be not only invisible to antivirus software, but also resistant to hard drive reformatting or reinstalling the operating system. Once infected there's not much the user can do to protect themselves beyond inspecting the firmware code for anything nefarious.
The good news is that an attacker will need to have low-level access to a PC to carry out this attack. That means either taking the hands-on approach or having to use other malware to get into the system. Physical security can help with the first method, and security software with the second.
Read more here --> zdnet.com
No comments:
Post a Comment