Intel SMM exploit published

SMM (System Management Mode) is the portion of the Intel processors that runs above the hypervisor. Researchers have found a way to exploit the Intel caching mechanisms to jump from the hypervisor at ring 0 up a level to SMM. The only way to detect the exploit is to disassemble the system and perform some hardcore analysis. Compromising SMM allows you to communicate with services at lower rings for rootkits, etc.

This is not a new disclosure. Flaws in intel caching have been reported since 2005.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.