Security flay detected in Intel chips, allows hacker control of OS
By Antone Gonsalves, CSO | Jun 19, 2012
The U.S. Computer Emergency Readiness Team (US-CERT) has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems, security experts say.
The flaw was disclosed the vulnerability in a security advisory released this week. Hackers could exploit the flaw to execute malicious code with kernel privileges, said a report in the Bitdefender blog.
"Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack," the US-CERT advisory says. "The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape."
Intel did not respond to a request for comment.
Operating systems exposed to the vulnerability include Windows 7, Windows Server 2008 R2, 64-bit versions of FreeBSD and NetBSD, as well as systems that include the Xen hypervisor, Bitdefender said Friday. "While 32-bit operating systems are safe, Intel CPUs that use the Intel 64 extension need the security patches released by Microsoft in their MS12-042 security bulletin."
The flaw stems from the way the CPUs implement error handling in their version of the SYSRET instruction, which is part of the x86-64 standard defined by Advanced Micro Devices, according to the Xen community blog. "If an operating system is written according to AMD's spec, but run on Intel hardware, the difference in implementation can be exploited by an attacker to write to arbitrary addresses in the operating system's memory."
AMD processors are not affected, as well as VMware's virtualization software, which doesn't use the SYSRET instruction, Bitdefender said.
Besides Microsoft and Intel, vendors whose products are affected include Joyent, Citrix, Oracle, Red Hat and SUSE Linux, US-CERT says.
Testing the Cloud – Definitions, Requirements, and Solutions
The widespread availability of high-speed broadband networks has seen applications and web sites move into the Cloud. This use of a cloud-based infrastructure means there is no local infrastructure to purchase, manage, secure, or upgrade. The virtualized data center, whether within the enterprise or located at a cloud service provider, must be properly provisioned in order to provide the necessary functions and performanceof cloud-based applications.
Integrating the physical and the virtual
It’s not just a question of dealing with a proliferation of virtual machines. With convergence, fewer hardware resources deliver multiple capabilities and host multiple workloads.Monitoring these “anytime-anyplace” workloads creates a resource challenge, as there are a limited number of network access points.
A Case Study of Eurograbber: How 36 Million Euros was Stolen via Malware
This is a case study about a sophisticated, multi-dimensional and targeted attack that stole an estimated 36+ million Euros from more than 30,000 bank customers from multiple banks across Europe.
Symantec, Singapore school partner to nurture next-generation security talents
Symantec Corp. and the Singapore Management University will jointly train and equip IT security professionals with the latest knowledge and skill sets in information security.