Hardware vulnerability found in Intel chips


luck777jojo
12th April 2006, 05:40
In a shocking (at least to me) discovery, a vulnerability flaw was found in Intel hardware. The chip that detects CPU core temperature and shuts down the computer if temperature is over a certain limit to minimize damage can be exploited.

The chip freezes the computer momentarily, enters System Management Mode and dumps the RAM. After that is done (to minimize data loss) the computer unfreezes, and emergency response software is run from the RAM.

All an attacker has to do to exploit this flaw is cause the chip to detect high temperatures either through actually heating up the CPU one way or another or through accessing the chip and using a fault in the design of it to activate it. The attacker can then replace the stored RAM containing the emergency response software with custom software that will give the attacker full administrative rights.

Every computer that currently runs on the x86 architecture is vulnerable to this exploit including thousands of computers used by the US government.

Read full story here: http://www.fcw.com/article94010-04-10-06-Print

Diddle
12th April 2006, 05:56
Oh great... the last place where you want to have bugs... your hardware. :sad:

But it sounds like a pretty complicated process so let's hope no one will write a tutorial or release the source of a proof-of-concept virus so it won't be exploited anywhere in the near future. At least not until I buy a new computer (end of the year, let's hope they fixed it in the Conroe core by then).

gamepin126
12th April 2006, 06:55
Proud to be an AMD guy. I guess that sucks for all of the really intensive games and encoding they'll be doing :)


sumguy: OMFG W00T I JUSS GAWT TEH HIGHSCORE!!!
*reboot*
sumguy: I forgot to save....*cries*

luck777jojo
12th April 2006, 08:20
> I guess that sucks for all of the really intensive games and encoding they'll be doing :)

well.... that's not really the vulnerability, the chip stopping the computer if the CPU overheats is exactly what it's supposed to do, the problem is that now we find out that someone can stop the reboot and instead make himself admin by replacing a few pointers in the RAM to custom recovery software.

Rented
12th April 2006, 11:53
yay for my AMD Athlon 3400+ :D

But I guess the same can do for any chip type if the flaw is as simple as the core temp...?

Rented

Conker
12th April 2006, 14:13
if you visit the tech section, some1 posted a link to a review of the new Conroes by a tester, it's like twice the power of an FX-60 !!! :P I thought Intel were on the way up, about to start a proper CPU war with low prices, but if probs like this keep on occurring that could spoil all

luck777jojo
12th April 2006, 21:45
> but if probs like this keep on occurring that could spoil all

well theoretically they might have fixed the problem in the Conroe chip because it is not the x86 architecture anymore. The article only said this vulnerability was in the x86 architecture

squirt
12th April 2006, 22:57
Ick. There always has to be something, I heard something like this not too long ago...
Sigh.

mammot
12th April 2006, 23:21
What I think?

DON'T WORRY.

This is a safety mechanism; if this "bug" were taken out, then if an attacker found some way to heat up the processor past safe temperatures, instead of rebooting, the chip would FRY and be no longer usable. Besides that, do you think Windows has any way in the world to FOOL the chip into displaying the wrong temperatures? There is no plausible reason for having a temperature sensor be anything but read only.

I really don't think this article has any real substance; it talks about the Intel chip and then halfway through switches to VOIP...wtf is up with that?

precision1337
13th April 2006, 04:36
I'm not really worried about it. vulnerabilities are found all the time. OMG HAX!

ViperRebel
13th April 2006, 22:27
okay you guys clearly don't understand this

THE BUG ISN'T IN THE OVERHEATING OF THE CHIP

it's *supposed* to shut down

here is the bug, pay attention:
when the chip does this, instead of simply shutting down or rebooting, it shuts down and it loads recovery software directly from ram, now if a hacker were to replace this code in ram with their own code, and then cause the chip to overheat, his code would run with administrative access

THE OVERHEATING IS THE DELIVERY METHOD, NOT THE BUG



also luck777jojo made a new point about the new chip not being on the same arch

luck777jojo
14th April 2006, 02:17
basically the fault is that because the recovery software is not hard coded into the chip but is soft coded overlying bios, etc. the error can be exploited.

The article says all x86 chips are theoretically vulnerable; however, AMD (which uses the x86 architecture too, I think) is not vulnerable since the recovery software for AMD had to be hardcoded onto the mobo