A security researcher: a defect in the design of Intel processors opens the door for attackers

Security researcher Christopher Dumas revealed on Thursday during the Black Hat conference defect my design in the Intel processor architecture x86, and said the security researcher that this imbalance dates back to almost two decades, and allows flaw an attacker to install malicious software of the type of rootkit / rootkit at a low level of architectural computer processor, this malware can be undetectable by security products.The imbalance through feature has been added to the processors of architectural x86 1997, an attacker could take advantage of this flaw, where the attackers to install malicious software in the system management mode the processor / SMM, and are protected from the code that supports all fixed security features area in modern computers.Once you install this malware one-time can be used in the devastating attacks such as the possibility of Mohi-boot computer / BIOS system, or the latest version of it UEFI, or even can be an attacker can re-infection of the operating system, so even if the user has installed a new version of the operating system, and features protection does not help because they can not have access to safe SMM area.Intel did not respond or comment on the words of the security researcher, according to Dumas, the Intel corporation has informed on this issue and has Avaljha in the latest processors, and said that the company is offering firmware updates for the software for the old processors, but not all the old processors can get this update.The expert added that to exploit this flaw and install malware the attacker needs to have the powers on the PC, and this means that the flaw can not be used by itself or cause damage without that there is a direct access between the spoiler and the computer.The Dumas test bugs and succeeded in doing so only on Intel processors, but said that the company AMD processors of the x86 architecture may be of the same flaw in theory and it is also vulnerable to exploitation.He added that in the case of access to software updates for BIOS / UEFI existing, it remains scary because a lot of ordinary users do not know what are the software and how to update them.