New Spectre Variant can steal Data from SMM

Mel Khamlichi
Founder of Osradar, from Amsterdam Netherlands

The Spectre and Meltdown vulnerabilities were more than enough to drive the security world crazy. They were among the most serious flaws discovered to date, and the bugs had been present in our everyday processors and microchips for decades. Manufacturers are now working on fixing the problem, and OS vendors are already patching their systems to mitigate the security hole. However, a new variant of Spectre has appeared. It seems the ghost of Spectre isn’t going to leave us after all!

The new variant

Recently, security researchers from Eclypsium detailed a new Spectre variant that is able to steal data from the strongly protected SMM (System Management Mode) area of the CPU. For those who don’t know SMM, it is a part of modern processors that not even highly privileged software such as hypervisors or kernels can access or interrupt.

The new vulnerability scope

Every time code is sent to SMM, the processor suspends the entire operating system. It then uses a part of the BIOS/UEFI firmware to execute various commands with very high privileges. As a result, that code has unlimited access to all of the system's hardware and data.

SMM is strongly protected and not easy to access because it is deeply connected with all of the hardware and parts of the computer. It is responsible for keeping the hardware alive and keeping everything running smoothly.

Unfortunately, this system is really old, dating back to the early ‘90s, and so far it has not received any kind of improvement or additional protection. On Intel CPUs, SMM access is hardened with the SMRR (System Management Range Register).

The Spectre for SMM memory

Security researchers from the Eclypsium team took the proof-of-concept code for Spectre variant 1 (CVE-2017-5753) and modified it so that it can bypass the SMRR protection mechanism. This gives access to the SMRAM (System Management RAM), where SMM stores all of its important information and keeps its working data.

According to the Eclypsium team, this enhanced Spectre variant allows an unprivileged attacker to read system memory, including the parts protected by range registers, such as SMM memory.

The bad part is that this attack was able to expose all of the detailed data from the SMRAM and SMM. The research team at Eclypsium also believes that it can lead to revealing other types of information stored in physical memory.

Original Spectre patches enough to protect users

The researchers carried out the attack using Spectre variant 1, but they also confirmed that Spectre variant 2 can provide the same result.

Intel was notified about the vulnerability in March. According to Intel, its patches for Spectre variants 1 and 2 should be enough to protect users from these threats.
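To confirm that the Spectre variant 1 and 2 mitigations mentioned above are actually active on a Linux machine, the following added example (not part of the original article or of Eclypsium's research) reads the status the kernel reports under /sys/devices/system/cpu/vulnerabilities. The function names are made up for illustration, and the check covers the operating system's view only.

```shell
#!/bin/sh
# Added example: report the Linux kernel's Spectre v1/v2 mitigation status.
# Function names are illustrative assumptions, not part of any tool.

# classify_status LINE
# Maps the first line of a sysfs vulnerability file to one keyword.
classify_status() {
    case "$1" in
        "Mitigation:"*)  echo mitigated ;;
        "Not affected"*) echo not-affected ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# check_spectre [DIR]
# Prints "<variant> <class> <raw kernel text>" for spectre_v1 and spectre_v2.
# Returns 0 only when both are mitigated or not affected, 1 otherwise.
# DIR defaults to the real sysfs location; pass another directory to test.
check_spectre() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for name in spectre_v1 spectre_v2; do
        file="$dir/$name"
        if [ -r "$file" ]; then
            raw=$(head -n 1 "$file")
            class=$(classify_status "$raw")
        else
            # Missing entry: kernel predates this interface or host is not Linux.
            raw="(no sysfs entry)"
            class=unknown
        fi
        printf '%s\t%s\t%s\n' "$name" "$class" "$raw"
        case "$class" in
            mitigated|not-affected) ;;
            *) rc=1 ;;
        esac
    done
    return "$rc"
}

# Usage: check_spectre && echo "Spectre v1/v2 mitigations reported active"
```

A non-zero return means at least one variant is reported as vulnerable or the kernel does not expose the status at all, which is the case to follow up with OS and microcode updates.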

Experts and enthusiasts should feel free to explore the vulnerability and learn about it in depth. There are also other Spectre variants, such as SgxSpectre.
