On Sat, 9 Jul 2016 18:13:02 -0400 (EDT)
"D. Hugh Redelmeier via talk" <[email protected]> wrote:

> <http://www.itnews.com.au/news/lenovo-hunts-bios-backdoor-bandits-430208>
> <http://www.itnews.com.au/news/lenovo-thinkpad-zero-day-bypasses-windows-security-430090>
> <https://github.com/Cr4sh/ThinkPwn>
> <https://support.lenovo.com/ca/en/solutions/LEN-8324>
>
> Summary: a call-out from SMM code can lead to privilege escalation.
> This code seems to have originated at Intel. Lots of machines will
> have this bug.
>

This is not a bug; it is more of a feature/functionality, and as with anything that makes things easy (as in power management, etc.), it also makes things less secure.

I do understand that for Lenovo this is a "bug", as they did not anticipate that this feature could be used to override their security (infiltrated by their own IBV).

A quick Google search confirms this...
http://phrack.org/issues/65/7.html

Not secret/mystical much...
www.intel.com/content/dam/www/public/us/en/documents/reference-guides/efi-smm-cis-v09.pdf

As always, YMMV.

Andre

> (SMM == System Management Mode, an almost secret and magical part of
> the firmware that can run at any time without the OS or user program
> knowing or controlling it. It has even more privilege than the
> kernel.)
>
> I expect firmware updates from conscientious manufacturers for many many
> systems.
>
> I have no idea how easy this is to exploit.
> ---
> Talk Mailing List
> [email protected]
> https://gtalug.org/mailman/listinfo/talk
