This is the scariest, stealthiest, and most dangerous exploit
I've seen come around since the legendary Blue Pill! No, I'm not just
trying to sensationalize this or spread fear, uncertainty and doubt.
This is serious and represents a massive new security threat for us
all. Security Researchers Joanna Rutkowska and Loic Duflot have
released
a paper and proof of concept code on
the ITL website
here. In this paper they have
described practical exploitation of the CPU cache poisoning in order to
read or write into (otherwise protected) SMRAM memory. They have
implemented two working exploits: one for dumping the content of SMRAM
and the other one for arbitrary code execution in SMRAM. This is the
third attack on SMM memory our team has found within the last 10
months, affecting Intel-based systems. It seems that current state of
firmware security, even in case of such reputable vendors as Intel, is
quite unsatisfying. Joanna cleared it up that they are not releasing a
SMM rootkit but rather a exploit. It will be up to some other folks to
tie this in with a SMM rootkit like this one perhaps.