Apparently at least one of these SMM rootkits has been around since May of last
year:
Hackers Find a New Place to Hide Rootkits
http://www.pcworld.com/businesscenter/article/145703/hackers_find_a_new_pl
ace_t o_hide_rootkits.html
or here if the above wraps unusably:
http://preview.tinyurl.com/4vfsce
Scary stuff, since (a) it's at the hardware level; (b) it has been discussed
publically by Intel in employee papers; (c) a PoC rootkit has been out for
almost a year.
Since it's at the hardware level, even booting off a cleanup CD won't be able
to find it ...
--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+-----------------------------------+
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
