The article stated the security people find them and notify intel, but if intel doesn't act, then they (security people) notify the public. Now, here's my question, if there is a vulnerability as stated, how do you or should I say does intel go about resolving the issue? Do they fix it at the plant then send out a ridiculous amount of chips?
As you said Michael, what is a SMM?! This is a whole new arena and I don't think I was even provide a preview ticket J From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Thursday, March 19, 2009 11:33 AM To: NT System Admin Issues Subject: Re: Rut roh Raggy: Exploit code targeting major Intel chip flaw to be posted 3/19/09 That's how I interpreted it as well, but I dont know anything about SMM. -- ME2 On Thu, Mar 19, 2009 at 12:31 PM, John Hornbuckle <john.hornbuc...@taylor.k12.fl.us> wrote: The article said this exploit is OS-independent, though, if I read it right. So regular user vs. admin wouldn't make a difference. Or am I totally confused? John Hornbuckle MIS Department Taylor County School District 318 North Clark Street Perry, FL 32347 www.taylor.k12.fl.us <http://www.taylor.k12.fl.us/> -----Original Message----- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, March 19, 2009 11:17 AM To: NT System Admin Issues Subject: Re: Rut roh Raggy: Exploit code targeting major Intel chip flaw to be posted 3/19/09 On Thu, Mar 19, 2009 at 11:05 AM, Micheal Espinola Jr <michealespin...@gmail.com> wrote: > http://www.networkworld.com/community/node/39825?netht=rn_031809&nladnam e=031809 Details are rather sketchy, but it does sound ominous. This caught my eye: "... privilege escalation from Ring 0 to the SMM ..." Sounds like yet another reason to run as an regular user, not with administrator rights. (Ring 0 being supervisor mode on i386; Ring 3 is user mode, IIRC.) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the Girl Scouts of Southwest Texas company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~