According to Christopher Domas, a security researcher with the Battelle Memorial Institute, a design flaw in Intel's processors can be exploited to install malware below operating systems and antivirus. The mistake was introduced in 1995, in the Pentium Pro. Hardwired into the silicon, it has been staring kernel-level programmers in the face for years, says Domas.
"It's a forgotten patch to a forgotten problem, but opens up an incredible vulnerability," said Domas when he revealed the hardware bug at the Black Hat conference in Las Vegas last week.
The flaw allows smart hackers to run rootkit code at the lowest level on the computer, out of reach of the operating system, applications and the hypervisor. Among other things, the rootkit can quietly oversee and record the user's every keypress, mouse click and download. Efforts to find and remove the rootkit from a computer can be blocked by the malware.
Intel spotted the error in its processor blueprints and corrected the issue, so chips built from January 2011 onward are not affected. According to security specialist Jacob Torrey, operating systems can mitigate the security hole at the hypervisor level, protecting themselves from criminals exploiting the design flaw.
Millions of Intel processors in older PCs and aging laptops are permanently vulnerable, but newer devices will not be affected.