Dmitry Sklyarov and Mark Ermolov of the Positive Technologies research team disclosed two previously undocumented x86 instructions on Intel processors that could allow threat actors to take full control of the microarchitecture, modifying the control bus access code without going through a signature verification process.
According to the report, activating these undocumented instructions requires the processor to be in Red Unlock mode. Intel developers use this processor mode to debug internal components, so it is not enabled by default; however, some processors are affected by security flaws that could allow arbitrary activation.
Through his Twitter account, Ermolov mentioned: “These instructions are decoded in all modes, even in user mode, although Red Unlock mode allows interaction with them. We’ll reveal more details shortly.”
Specialists add that these instructions allow control of the central processor, and eventually the system, at the architecture and microcode level without having to go through a number of protection measures. These instructions definitely work on modern Atom processors, but may also be present on other Intel processors.