http://www.itworld.com/article/29658...cher-says.html
Now that this has become known, how quickly do you think it will take before we see this being exploited in the wild?
http://www.itworld.com/article/29658...cher-says.html
Now that this has become known, how quickly do you think it will take before we see this being exploited in the wild?
That doesn't say "goat stimulator". It says "Goat Simulator".
mikerr (09-08-2015)
Millennium (09-08-2015)
Oh well there goes my planned Skylake build !
(jokin)
hexus trust : n(baby):n(lover):n(sky)|>P(Name)>>nopes
Be Careful on the Internet! I ran and tackled a drive by mining attack today. It's not designed to do anything than provide fake texts (say!)
I've seen some posts on Hacker News over the last few months about SMM, so this isn't exactly breaking news.
So it sounds like a CPU firmware patch can help, which I believe Microsoft, Apple, and Ubuntu updates can all distribute. Also root/admin permissions are needed anyway, at which point it's kind of too late. As stated though it could lead to permanently undetectable infection. I'd bet some government agency has been exploiting this for years.According to Domas, the chip maker is aware of the issue and has mitigated it in its latest CPUs. The company is also rolling out firmware updates for older processors, but not all of them can be patched, he said.
To exploit the vulnerability and install the rootkit, attackers would need to already have kernel or system privileges on a computer. That means the flaw cant be used by itself to compromise a system, but could make an existing malware infection highly persistent and completely invisible.
...
Even if BIOS/UEFI updates are made available by computer manufacturers, their rate of adoption is likely to be very low, especially among consumers.
Output (09-08-2015)
I wasn't aware of the Hacker News posts, so this was the first I had heard of it.
My main thought was that there is likely still many people on older kit that for all we know may not have it mitigated, particularly those that are more susceptible to getting infected by malware that could fall victim to it.
Thinking about it with the details given though as Peter Parker reiterates, even if you do use a susceptible CPU it sounds like any other malware scenario - that you just need to use common sense as usual and you should hopefully be able to avoid it.
I think I basically interpreted the article as saying "Most CPUs are probably vulnerable, everyone should get ready for hell."
Last edited by Output; 09-08-2015 at 10:56 PM.
There are currently 1 users browsing this thread. (0 members and 1 guests)