Published at LXer:
Note: The following post is a guest blog submitted to Microsoft Subnet by a security expert who wished to remain anonymous. Joanna Rutkowska recently released her new security whitepaper and exploit code entitled Attacking SMM Memory via Intel CPU Cache Poisoning. The thing that struck me about her research is just how easy this is to do. There is nothing super fancy or complex about the exploit code. Due to its simplicity, the odds are very high that this attack vector has been in use, even before this research published last month. Still, because this attack is so stealthy, we wouldn’t necessarily have been able to detect it.
Read More...