The U.S. Computer Emergency Readiness Team (US-CERT) has revealed a defect in 64-bit Intel chips. A security expert said for this defect, hackers could take control of Windows and other operating systems. Till now, Intel did not respond about the issue, so nothing is clear about the situation.
A report has been released this week by US-CERT and they said “Some 64-bit operating systems and virtualization software running on Intel processor are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape.”
The organization found the vulnerability in several 64-bit operating systems such as Windows 7, Windows Server 2008 R2, 64-bit versions of FreeBSD and NetBSD as well as systems that include the Xen hypervisor.
AMD processor was not affected as well as VMware’s virtualization software. Because they did not use the SYSRET instruction.
According to the Xen community blog “If an operating system is written according to AMD’s spec, but run on Intel hardware, the difference in implementation can be exploited by an attacker to write to arbitrary addresses in the operating system’s memory.”
US-CERT said alongside Microsoft and Intel, other vendors has been affected such as Joyent, Citrix, Oracle, Red Hat and SUSE Linux.