Attacking multicore CPUs (new vulnerability discussion from Slashdot/The Register)
Posted by Lightwave, 09-16-2007, 10:02 AM Attacking multicore CPUs http://www.theregister.co.uk/2007/09..._call_sploits/ http://hardware.slashdot.org/hardwar...6/131251.shtml "The Register reports that the world of current multi-core central processing units (CPUs) just entered is facing a serious threat. A security researcher at Cambridge disclosed a new class of vulnerabilities that takes advantage of concurrency to bypass security protections such as anti-virus software The attack is based on the assumption that the software that interacts with the kernel can be used without interference. The researcher, Robert Watson, showed that a careful written exploit can attack in the little timeframe when this happens, and literally change the "words" that they are exchanging. Even if some of these dark aspects of concurrency were already known, Watson proved that real attacks can be developed, and showed that developers have to fix their code. Fast..."