Independent Attack Discoveries
The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Interestingly, the very same attack will be presented by another researcher, Loic Duflot, at the CanSecWest conference in Vancouver, Canada, on... Thursday 19th, 1600 UTC. BTW, this is a different SMM-targeting attack than the one we mentioned during our recent TXT talk and that is scheduled to be presented later this year.
Here's the full story (there is also a moral at the end) …
Just after our presentation at the Black Hat last month, we (i.e. Rafal and I) have been independently approached by some person (or two different persons — we haven't figured that out actually — there were some ca. 30 people willing to ask us questions after the talk, so it's hard to remember all the faces), who was very curious about our SMM attacks (whose details we haven't discussed, of course, because Intel is still working on a fix). This person(s) started asking various questions about the attacks and one of the questions, that was asked to both me and Rafal, was if the attack used caching. Later that day, during a private ITL dinner, one of us brought this issue, and we started thinking if it was indeed possible to perform an SMM attack via CPU caching. By the end of the dinner we have sketched out the attack, and later when we got back to Poland, Rafal implemented a working exploit with code execution in SMM in a matter of just a few hours. (I think I used way too many parenthesis in this paragraph).
So, being the good and responsible guys that we are, we immediately reported the new bug to Intel (actually talking to Intel's PSIRT is getting more and more routined for us in the recent months ;). And this is how we learnt that Loic came up with the same attack (back then there was no talk description at the conference website) — apparently he approached Intel about this back in October 2008, so 3-4 months before us — and also that he's planning to present it at the CanSecWest conference in March. So, we contacted Loic and agreed to do coordinated disclosure next Thursday.
Interestingly, however, none of us was even close to being the first discoverer of the underlying problem that our attacks exploit. In fact, the first mention of the possible attack using caching for compromising SMM has been discussed in certain documents authored as early as the end of 2005 (!) by nobody else than... Intel's own employees. Stay tuned for the details in our upcoming paper.
Conclusion
If there is a bug somewhere and if it stays unpatched for enough time, it is almost guaranteed that various people will (re)discover and exploit it, sooner or later. So, don't blame researchers that they find and publish information about bugs — they actually do a favor to our society. Remember the guy who asked us if our attack used caching? I bet he (or his associates) also have had exploits for this caching bug, but apparently didn't notify the vendor. Hmm, what they might have been doing with the exploit? When was the last time you scanned your system for SMM rootkits? ;)
Anyways, congrats to Loic for being the first one who wrote exploits for this bug. Also congrats to Intel employees who originally noticed the problem back in 2005.