Exploiting CPU bugs!

[pikus]

Kris Kaspersky, an indipendent researcher, which doesn't have anything in common with the Software house confirmed that it's possible to exploit the bugs of Intel CPU to compromise a local or remote PC.

He will catch the occasion to demonstrate this in the Hack In The Box Security Conference 2008.

We are sure about bust in the CPU but until now, the possibility to exploit them was just an hipotesys, but Kaspersky will present this possibility in the HITBSC2008 event.
Intel confirmed that Intel Core 2 and Itanium have respectively 128 and 230 bugs

How to exploit those bugs? Kaspersky will violate those systems with JavaScirpt and TCP/IP code, not depending on the OS installed. He says "Any OS regardless of the patches applied!!"
Kaspersky says that the only way to protect the systems is to upgrade the BIOS. Intel has given to major BIOS producents the workarounds, but the BIOS producents do not tell to the Customers what has been fixed and what no

Nice... so, how to be secure? What if it will be a common issue and all the "new hackers" will concentrate on exploiting those bugs? What will happen? Let's wait till 27-30 October 2008.


Following some of Kaspersky's English pubblications:

* Hacker Disassembling Uncovered: Powerful Techniques To Safeguard Your Programming (ISBN: 1931769222);
* Hacker Disassembling Uncovered: Second Edition, totally rewritten (ISBN-10: 1931769648);
* CD Cracking Uncovered: Protection Against Unsanctioned CD Copying (ISBN-10: 1931769338);
* Data Recovery: Tips and Solutions: Windows, Linux, and BSD (ISBN-10: 1931769567);
* Code Optimization: Effective Memory Usage (ISBN-10: 1931769249);
* Shellcoder’s Programming Uncovered (ISBN-10: 193176946X);
* Hacker Debugging Uncovered (ISBN-10: 1931769400)