9 Jul 2016, 3:13 p.m.
<http://www.itnews.com.au/news/lenovo-hunts-bios-backdoor-bandits-430208>
<http://www.itnews.com.au/news/lenovo-thinkpad-zero-day-bypasses-windows-security-430090>
<https://github.com/Cr4sh/ThinkPwn>
<https://support.lenovo.com/ca/en/solutions/LEN-8324>

Summary: a call-out from SMM code can lead to privilege escalation. This code seems to have originated at Intel. Lots of machines will have this bug.

(SMM == System Management Mode, an almost secret and magical part of the firmware that can run at any time without the OS or user program knowing or controlling it. It has even more privilege than the kernel.)

I expect firmware updates from conscientious manufacturers for many, many systems.

I have no idea how easy this is to exploit.