The United States Computer Emergency Readiness Team, also known as US-CERT, has identified a huge threat to your company's IT security. Several 64-bit operating systems as well as virtualization applications using Intel processors are at risk of being exploited by a "local privilege escalation attack." The exposed operating system are based on x86-64 architecture, including Windows Server 2003 SP2, Server 2008 R2; Windows 7, NetBSD, FreeBSD, and operating systems utilizing XenServer Hypervisor.
In addition, systems using the IHC platform (Intel Hybrid Cloud) for virtualization are vulnerable to the security flaw. An elevation of privilege vulnerability is caused by a method the Windows User Mode Scheduler uses to handle system requests. With the existence of this weakness comes a higher probability of hackers exploiting it to gain kernel privileges and take control of Windows and other operating systems. If you’re using Intel CPU hardware, here are the top 3 reasons to contact your IT security support team immediately.
1. Your sensitive data is at risk of being compromised. A hacker can exploit the privilege escalation attack to execute capricious code in the kernel. The attacker must have a valid user log-in name and password, and can't be at a remote location to execute the exploit. However, once the executed code grants access to the hacker, the attacker can log into your local accounts. This will enable the hacker to install programs as well as view, alter and delete data. It's also possible to create new user accounts and grant themselves full administrative access.
2. Your current operating system is most likely threatened. The vendors affected by the Intel CPU hardware flaw are: Intel, Microsoft, Oracle, FreeBSD, SUSE, Xen, RedHat and Linux. Most companies are using products from those vendors daily, which further escalates the cause for concern. AMD and Intel both engineered security systems to prevent such attacks by isolating guest operating systems from one another and from the host. Intel has an obvious protection flaw that grants a hacker access to a once protected operating system. The US-CERT has released an advisory containing a list of affected software applications and links to patches supplied by their respective vendors.
3. Intel is not necessarily prioritizing a fix to this problem. According to Intel's vendor disclosure page, "This is a software implementation issue." Intel then notes that their CPUs are functioning per specifications and that their IntelR64 Software Developer's Manual documents their processor behavior correctly. While Intel releases patches and vendors quickly follow suit, the chance of your IT security being compromised remains a threat as long as the Intel CPU hardware remains vulnerable.
Your company's IT security depends on various factors; hardware, software and user activity can affect your network positively, or bring it down to a crashing halt. Using Intel CPU hardware can increase your company's exposure to risk, but the risk can be mitigated by partnering with an IT security provider who provides your support needs and understands your unique needs.