SC Media UK
Misunderstood Intel documentation leads to multivendor vulnerability
"This new 'doc misunderstand' issue is not remotely exploitable," says Chris Morales, head of security analytics at Vectra. "An attacker needs to be on the system before this technique is of any use. This poor implementation of the Intel debug feature allows attackers to elevate privileges on already-compromised systems to gain low level access."