Monday, December 21, 2009

Another TXT Attack

Earlier this year our team has presented an attack against Intel TXT that exploited a design problem with SMM mode being over privileged on PC platforms and able to interfere with the SENTER instruction. The Intel response was two-fold: to patch the SMM implementation bugs we used for the attack (this patch was for both the NVACPI SMM attacks, as well as for the SMM caching attack), and also to start (intensify?) working on STM specification, that is, we heard, planned to be published sometime in the near future. STM is a thin hypervisor concept that is supposed to provide protection against (potentially) malicious SMMs.

Today we present a totally different attack that allows an attacker to trick the SENTER instruction into misconfiguring the VT-d engine, so that it doesn’t protect the newly loaded hypervisor or kernel. This attack exploits an implementation flaw in a SINIT AC module. This new attack also allows for full TXT circumvention, using a software-only attack. This attack doesn't require any SMM bugs to succeed and is totally independent from the previous one.

The press release is here.

The full paper is here.

The advisory published by Intel today can be found here.



Gynvael Coldwind said...

Great work! The paper is quite a nice X-mas present from your team, thanks ;>

simo said...

Looking forward to reading the material, awesome work as always Joanna.

Arthur said...

As always, excellent work on your teams efforts to help us all get to the bottom of (in)security. Just be sure to let us know if we ever make you mad Joanna ;)

Othman Esoul said...

Duflot referred to ACPI tables and security concerns affecting TPM on at least two papers, not sure if you are aware of it, but this work is just great!