Acronym interferes with another acronym
Security experts at the Invisible Things lab have found a
new vulnerability in certain Intel processors.
The SINIT feature of SMM (System Management Mode) can
interfere with TXT (Trusted eXecution Technology), allowing it to elevate
privileges, trick the SENTER instruction into not protecting a newly-loaded
hypervisor or kernel. The upshot of one acronym influencing another is that
rootkits can be developed which run at the most basic, privileged level of the
processor.
Intel has put its hand up to the flaw and issued an
advisory conceding the error and announcing a new SINIT ACM (Authenticated Code
Module) to fix the problem. Systems with Q35, GM45, PM45 Express, Q45, and Q43
Express chipsets are affected.
It is the second TXT flaw found by Invisible Things Lab.
A similar, but unrelated attack was disclosed by them and patched by Intel in
February.