Uncategorized

Alex on Intel segmentation

[…]What I discovered completely changed my understanding of 64-bit Long Mode semantics and challenged many assumptions I was making – pinging a few other experts, it seems they were as equally surprised as I was (even Mateusz”j00ru” Jurczyk wasn’t aware!). Throughout this blog post, you’ll see how x64 processors, even when operating in 64-bit long mode[…]

http://www.alex-ionescu.com/?p=340

See-also:
http://j00ru.vexillium.org/?p=290

 

 

Standard
Uncategorized

Intel Graphics Driver for Windows: DoS vulnerability

Excerpt of advisory below, see full one for list of drivers impacted.

DoS in Kernel in multiple versions of the Intel Graphics Driver allows local attacker to perform a DoS via an Out of Bounds Read

Intel ID: INTEL-SA-00077
Product family: Mobile, Desktop, Server, Workstation, and Embedded processors based on Intel® Core™ and Atom™ Processors using an affected driver.
Impact of vulnerability: Denial of Service
Severity rating: Moderate
Original release: Jul 31, 2017
Last revised: Aug 01, 2017

Out-of-bounds read condition in older versions of some Intel® Graphics Driver for Windows code branches allows local users to perform a denial of service attack. Intel recommends that users download and upgrade to the latest supported driver. Intel would like to thank Enrique Nissim of IOActive for reporting this issue and working with us on a coordinated disclosure.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00077&languageid=en-fr

Standard
Uncategorized

Intel’s Black Hat UEFI presentation online

Vincent has a new blog post about the recent talk about UEFI security that Intel just gave at Black Hat Briefings.

http://vzimmer.blogspot.com/2017/08/black-hat-usa-2017-firmware-is-new-black.html

https://www.blackhat.com/us-17/briefings.html#firmware-is-the-new-black-analyzing-past-three-years-of-bios-uefi-security-vulnerabilities

https://github.com/rrbranco/BlackHat2017

https://github.com/rrbranco/BlackHat2017/blob/master/BlackHat2017-BlackBIOS-v0.13-Published.pdf

https://www.darkreading.com/vulnerabilities—threats/7-hardware-and-firmware-hacks-highlighted-at-black-hat-2017/d/d-id/1329442

Standard