Can you say Blue Pill??????? John W. Cook Systems Administrator Partnership For Strong Families 315 SE 2nd Ave Gainesville, Fl 32601 Office (352) 393-2741 x320 Cell (352) 215-6944 Fax (352) 393-2746 MCSE, MCTS, MCP+I,CompTIA A+, N+
-----Original Message----- From: Phil Brutsche [mailto:[email protected]] Sent: Thursday, March 19, 2009 1:41 PM To: NT System Admin Issues Subject: Re: Rut roh Raggy: Exploit code targeting major Intel chip flaw to be posted 3/19/09 Ben Scott wrote: > Sounds like yet another reason to run as an regular user, not with > administrator rights. (Ring 0 being supervisor mode on i386; Ring 3 > is user mode, IIRC.) In this case ring 0 is the kernel. All user level processes - regardless of whether the user is root or Administrator or john.smith - run in ring 3. From the CPU perspective administrative vs non-administrative processes are indistinguishable as they are an OS-specific construct. Based on the 4th paragraph in the article, it looks like it would primarily afflict CPUs that have hardware virtualization support (and said support turned on). One hypothetical exploit would be to bypass the hypervisor of, say, ESX and break out of the guest OS and take over the physical machine. -- Phil Brutsche [email protected] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
