64-bit OSs, virtualization software on Intel chips vulnerable to hacks

zigzag3143 · Jun 14, 2012

Some 64-bit operating systems and virtualization software programs are vulnerable to local privilege escalation attacks when running on Intel processors (CPUs), the U.S. Computer Emergency Readiness Team (US-CERT) said in a security advisory on Wednesday.

http://www.itworld.com/software/281...-software-vulnerable-privilege-escalation-att

http://www.computerworld.com/s/arti...nerable_to_hacks?source=rss_keyword_microsoft

JMH · Jun 15, 2012

64-bit Operating Systems, Virtualization Software Vulnerable to Privilege Escalation

Some 64-bit operating systems and virtualization software programs are vulnerable to local privilege escalation attacks when running on Intel processors (CPUs), the U.S. Computer Emergency Readiness Team (US-CERT) said in a security advisory on Wednesday.

The vulnerability is identified as CVE-2012-0217 and stems from the way Intel CPUs have implemented the SYSRET instruction in their x86-64 extension, known as Intel 64.

Attackers could exploit the vulnerability to force Intel CPUs to return a general protection fault in privileged mode. This would allow them to execute code with kernel privileges from a least-privileged account, or to escape from a virtual machine and gain control of the host operating system.

http://www.pcworld.com/businesscent...ivilege_escalation_attacks_on_intel_cpus.html

64-bit OSs, virtualization software on Intel chips vulnerable to hacks

zigzag3143

Contributor, Sysnative Staff Emeritus

JMH

Emeritus, Contributor