subject:"Re\: \[DNG\] OT\: Intel SMM exploit"

Re: [DNG] OT: Intel SMM exploit

2016-07-08 Thread Florian Zieboll

On Sun, 3 Jul 2016 18:41:33 +0200
Florian Zieboll  wrote:

> 
> Hallo list,
> 
> just for the case you didn't read it yet: Intel's "ring -2" System
> Management Mode is starting to disintegrate. 


Update:

The list of reportedly affected vendors has grown to include: 

Dell

Fujitsu

Gigabyte 

Hewlett Packard


Source: https://github.com/Cr4sh/ThinkPwn/blob/master/README.TXT


libre Grüße,

Florian


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] OT: Intel SMM exploit

2016-07-04 Thread dev1fanboy

Ok, so this looks pretty serious. Specific processors or all intels?

Cheers,

chillfan

On Sunday, July 3, 2016 5:41 PM, Florian Zieboll  wrote:
> Hallo list,
> 
> just for the case you didn't read it yet: Intel's "ring -2" System
> Management Mode is starting to disintegrate.
> 
> Lenovo Security Advisory:  LEN-8324
> Potential Impact:  Execution of code in SMM by an attacker with local
> administrative access
> Severity:  High
> Scope of Impact: Industry-wide
> 
> Money Quote:
> 
> | Importantly, because Lenovo did not develop the vulnerable SMM code
> | and is still in the process of determining the identity of the
> | original author, it does not know its originally intended purpose.
> 
> https://support.lenovo.com/de/en/solutions/LEN-8324
> 
> http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html
> https://github.com/Cr4sh/ThinkPwn
> 
> 
> libre Grüße,
> 
> Florian
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
-- 
Take back your privacy. Switch to www.StartMail.com
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] OT: Intel SMM exploit

Re: [DNG] OT: Intel SMM exploit

2 matches

Site Navigation

Mail list logo

Footer information