Intel CPU曝重大安全漏洞 隱形攻擊無解
- 主題發起人 harker1113
- 開始日期
memory6610
進階會員
- 已加入
- 3/15/07
- 訊息
- 256
- 互動分數
- 0
- 點數
- 0
NYboy
完美世界... 懷念...
- 已加入
- 2/9/09
- 訊息
- 771
- 互動分數
- 0
- 點數
- 0
原文... 
看嚨無... 英文不好...
看起來都... 沒有完整的解釋...
只是一再轉貼... 沒有人願意討論一下....
簡單的說就是...CPU指令集... 的進程存取... :o
出現了硬體上的漏洞... SMM back door...
那也是屬於CPU記憶体存取的一部份...
那部分是無法從軟體去存取到的...
所以只要病毒或木馬跑進去那里面... 防毒軟體SMM就無法掃到...
任由病毒木馬... 藏在里面... :o
不過只要斷電... 那空間就清空了...
而且病毒木馬要執行... 也必需要先執行程式...
才能跑進去CPU的SMM指令集...
電腦初心者的一點心得內... 歡迎指導...
This one delves pretty deep into head-scratching territory,
but it looks like the folks at Invisible Things Lab have discovered an exploit that could open the door
to some potentially serious attacks on certain Intel CPUs paired with some popular motherboards.
Of course, the exploit that they've actually released is completely harmless, but it demonstrates that the
CPU cache can be "poisoned" to let folks read and write into the otherwise protected SMRAM memory.
As NetworkWorld notes, that could lead to some more nefarious folks developing a SMM rootkit,
which would be all the more perilous considering that the user of the infected computer would
have no way of detecting the attack. For its part, Intel is apparently well aware of the problem,
and it has already fixed the vulnerability on some newer boards like the DQ45,
but others still in widespread use (like the DQ35 pictured above) have seemingly been left hanging waiting for a fix of some sort.
[Via Network World, thanks Andrew]
Filed under: DesktopsNew SMM exploit targets Intel CPU caching
vulnerability originally appeared on Engadget on Thu, 19 Mar 2009 20:16:00 EST
看嚨無... 英文不好...
看起來都... 沒有完整的解釋...
只是一再轉貼... 沒有人願意討論一下....
簡單的說就是...CPU指令集... 的進程存取... :o
出現了硬體上的漏洞... SMM back door...
那也是屬於CPU記憶体存取的一部份...
那部分是無法從軟體去存取到的...
所以只要病毒或木馬跑進去那里面... 防毒軟體SMM就無法掃到...
任由病毒木馬... 藏在里面... :o
不過只要斷電... 那空間就清空了...
而且病毒木馬要執行... 也必需要先執行程式...
才能跑進去CPU的SMM指令集...
電腦初心者的一點心得內... 歡迎指導...
This one delves pretty deep into head-scratching territory,
but it looks like the folks at Invisible Things Lab have discovered an exploit that could open the door
to some potentially serious attacks on certain Intel CPUs paired with some popular motherboards.
Of course, the exploit that they've actually released is completely harmless, but it demonstrates that the
CPU cache can be "poisoned" to let folks read and write into the otherwise protected SMRAM memory.
As NetworkWorld notes, that could lead to some more nefarious folks developing a SMM rootkit,
which would be all the more perilous considering that the user of the infected computer would
have no way of detecting the attack. For its part, Intel is apparently well aware of the problem,
and it has already fixed the vulnerability on some newer boards like the DQ45,
but others still in widespread use (like the DQ35 pictured above) have seemingly been left hanging waiting for a fix of some sort.
[Via Network World, thanks Andrew]
Filed under: DesktopsNew SMM exploit targets Intel CPU caching
vulnerability originally appeared on Engadget on Thu, 19 Mar 2009 20:16:00 EST
