Jump to content
Login new information ×
Login new information

64-bit OSs, VMs Vulnerable to Privilege Escalation Attacks on Intel CPUs

nsane.forums

By nsane.forums
in Security & Privacy News

Recommended Posts

nsane.forums

nsane.forums

Posted
Posted

Some 64-bit operating systems and virtualization software programs are vulnerable to local privilege escalation attacks when running on Intel processors (CPUs), the U.S. Computer Emergency Readiness Team (US-CERT) said in a security advisory on Wednesday.

The vulnerability is identified as CVE-2012-0217 and stems from the way Intel CPUs have implemented the SYSRET instruction in their x86-64 extension, known as Intel 64.

Attackers could exploit the vulnerability to force Intel CPUs to return a general protection fault in privileged mode. This would allow them to execute code with kernel privileges from a least-privileged account, or to escape from a virtual machine and gain control of the host operating system.

The vulnerability can only be exploited on Intel CPUs when the Intel 64 extension is in use. This means that 32-bit operating systems or virtualization software are not vulnerable.

Some of the operating systems confirmed as vulnerable so far include x64-based versions of Windows 7 and Windows Server 2008 R2, the 64-bit versions of FreeBSD and NetBSD, the Xen virtualization software, as well as Red Hat Enterprise Linux and SUSE Linux Enterprise Server, which include the Xen hypervisor by default.

The VMWare security response team confirmed that VMware's hypervisor does not make use of the SYSRET instruction and is, therefore, not vulnerable to this attack, US-CERT said.

Most of the affected vendors have released security patches to address this vulnerability and users are advised to install them as soon as possible. Microsoft addressed it on Tuesday as part of its MS12-042 security bulletin.

The privilege escalation attack is not applicable to AMD processors because they handle the SYSRET instruction differently, the Xen security team said in their advisory. However, under similar attack conditions, older AMD CPUs might lock up, resulting in a denial of service condition, the team said.

Posted Image View: Original Article

Link to comment
Share on other sites
  • Replies 5
  • Views 1.6k
  • Created
  • Last Reply
Avitar

Avitar

Posted
Posted

OMG I HAVE THIS VIRUS. I HAVE BEEN FIGTING IT FOR A WEEK NOW!!!!

Somebody please link me to the update... Using windows update crashes.

Link to comment
Share on other sites
MrVoice

MrVoice

Posted
Posted

Another reason I HAVE NEVER and WILL NEVER use Intel products for the personal computers I build/buy. Shady business practices lead to shady products. Never trust the big guy, I'll take the underdog every time.

Link to comment
Share on other sites
spudboy

spudboy

Posted
Posted

OMG I HAVE THIS VIRUS. I HAVE BEEN FIGTING IT FOR A WEEK NOW!!!!

Somebody please link me to the update... Using windows update crashes.

The fix was included in May 12th's Windows Updates, but you can find the version you need here:

http://technet.microsoft.com/en-us/security/bulletin/MS12-042

The

Another reason I HAVE NEVER and WILL NEVER use Intel products for the personal computers I build/buy. Shady business practices lead to shady products. Never trust the big guy, I'll take the underdog every time.

That's one of the most ridiculous things I've read recently. That's like saying I'm never going to use the internet because there may be a security vulnerability floating around somewhere that my A/V might not catch. Do you honestly think there's not a single flaw with AMD processors?

Link to comment
Share on other sites
MrVoice

MrVoice

Posted
Posted

OMG I HAVE THIS VIRUS. I HAVE BEEN FIGTING IT FOR A WEEK NOW!!!!

Somebody please link me to the update... Using windows update crashes.

The fix was included in May 12th's Windows Updates, but you can find the version you need here:

http://technet.micro...lletin/MS12-042

The

Another reason I HAVE NEVER and WILL NEVER use Intel products for the personal computers I build/buy. Shady business practices lead to shady products. Never trust the big guy, I'll take the underdog every time.

That's one of the most ridiculous things I've read recently. That's like saying I'm never going to use the internet because there may be a security vulnerability floating around somewhere that my A/V might not catch. Do you honestly think there's not a single flaw with AMD processors?

Not sure you read my whole post. I made it clear that's ONE reason I can add to the list of MANY other reasons I will not purchase anything from Intel. Next time try not jumping to conclusions just so you can beat someone over the head with a non-point.

Link to comment
Share on other sites
Avitar

Avitar

Posted
Posted

I have given up on Windows. Lo and behold, Mac OSX can run on my laptop cleanly :) I have switched ^_^

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...