The built-in procedure that Intel Pentium-powered computers use to blow off their digital steam could put users in hot water by making the machines vulnerable to cyberattacks, computer security researchers announced at the CanSecWest/core06 conference last week.
When the processor begins to overheat or encounters other conditions that could threaten the motherboard, the computer interrupts its normal operation, momentarily freezes and stores its activity, said Loïc Duflot, a computer security specialist for the French government’s Secretary General for National Defense information technology laboratory.
Cyberattackers can take over a computer by appropriating that safeguard to make the machine interrupt operations and enter System Management Mode, Duflot said. Attackers then enter the System Management RAM and replace the default emergency-response software with custom software that, when run, will give them full administrative privileges.
Every computer that runs on x86 chip architecture may be vulnerable to this attack, including the millions of computers that the U.S. government and industry use.