In the world of microprocessors, it's common for a CPU containing hundreds of millions of transistors to have physical errors, known as errata, in the design. The CPUs in computers used day in and day out by the majority of computer users likely contain errata that go unseen and have virtually no noticeable effect on the performance of the processor.
In October, the threat from processor errata that previously caused no harm will grow significantly. Security researcher and author Kris Kaspersky says that he plans to demonstrate how a hacker could take control of a computer running any operating system by exploiting errata in a CPU.
Not only will Kaspersky demonstrate how such a hack can be made, but he says that he will offer the code freely to anyone, presumably including malicious hackers. The exploit is said to work by using instruction sequences and knowledge of how Java compilers work, allowing the hacker to take over the compiler.
Kaspersky says that different errata in different processors will allow different attacks to be launched on computer systems. Kaspersky told PC World, “I'm going to show real working code...and make it publicly available. Some bugs just crash the system; some allow a hacker to gain full control on the kernel level. Some just help to attack Vista, disabling security protections.”
The demonstration of the hack is going to take place in October at the Hack In The Box Security Conference. Kaspersky says that many of the errata vulnerabilities can be fixed with BIOS updates provided by the CPU makers. However, he points out that not all vendors use the updates and some bugs may have no workaround.
The most recent example of problems caused by errata in a CPU happened when Intel delayed some of its 45nm Penryn parts because of errata.