The U.S. Computer Emergency Readiness Team (US-CERT) recently published an alert regarding a vulnerability affecting Intel chips that could provide an attacker with control of a system.
"The vulnerability could allow hackers to execute code with kernel privileges while in a non-administrator account, or to gain control of a host operating system after escaping a virtual machine," writes HOTforSecurity's Liviu Arsene.
"Intel claims that this is a feature and not a bug," notes InfoWorld's David Marshall. "The company's vendor disclosure page states, 'This is a software implementation issue. Intel processors are functioning as per specifications and this behavior is correctly documented in the IntelR64 Software Developers Manual, Volume 2B Pages 4-598-599.'"
"The danger from the problem is fairly slim; users would need local login credentials and system access," writes HotHardware's Joel Hruska. "There's some risk that software running in a virtual machine could use this exploit to break out of the sandbox (so to speak), but a remote hacker couldn't leverage the problem to take over a system. "https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"Among the systems affected are the 64-bit version of Windows 7 and Windows Server 2008 R2, as well as FreeBSD, NetBSD, RedHat, and a host of systems employing the Xen hypervisor," writes Help Net Security's Zeljka Zorz. "VMware's virtualization software is not affected, and neither are AMD's processors, as they do not use the SYSRET instruction whose incorrect handling causes the flaw, or handle it differently."
"Microsoft patched the hole last week (MS12-042), shortly after US-CERT’s announcement, while FreeBSD warned customers in a message the flaw could cause kernel data corruption or crash computers and encouraged users to update their system or apply the requisite binary or source code patches," writes Threatpost's Christopher Brook.