According to recent sources, two new security vulnerabilities have been discovered in Intel’s CPUs. These vulnerabilities will essentially let the attacker take control of the device. According to security experts, the flaw is present in all current Intel processors, with notebook and mobile chips being the most vulnerable. Oh boy, time to head to AMD, boys.
Reports indicate that all Intel CPUs have two undocumented instructions that allow you to modify the microcode and gain control over the processor and eventually the device.
The instructions are kept as a fail-safe, but they work in favor of the attacker. From what we know, all Atom-based CPUs have these two instructions, with certain hints indicating that they could be supported by all modern Intel processors.
So, any hacker with the necessary info can use these instructions to hijack a system, with the results varying from a simple system crash (shutdown) to flashing the processor with a few bits of microcode that can be used to perform a certain task (Scary).
To add to the troubles, the system experts also believe that these instructions can be activated remotely; however, they require a special mode of operation. These instructions are likely meant for Intel engineers for debugging purposes.
Intel has justified it by stating that the instructions help their engineers to repair and debug the system in extreme cases. But the idea of knowing that our system can be easily taken over by just using two instructions gives me goosebumps.
However, it has been noted that the instructions can only be run in “Red Unlock Mode”, which itself is quite hard to enable. According to sources, in the older Intel systems (before Ice Lake), “Red Unlock Mode” can be enabled through known side-channel vulnerabilities.
Since the newer systems are quite immune to the vulnerability, the hack is quite hard to accomplish in the real world. Also, only someone with extensive knowledge of the processor architecture and design can carry out such an attack, which is why this isn’t a well-known vulnerability.