Ring3 Attackers: 64-bit Privilege Escalation Vulnerability on Intel CPU Hardware


Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape.


A ring3 attacker may be able to specifically craft a stack frame to be executed by ring0 (kernel) after a general protection exception (#GP). The fault will be handled before the stack switch, which means the exception handler will be run at ring0 with an attacker’s chosen RSP causing a privilege escalation.

Find out more about this story at US-CERT: www.kb.cert.org/vuls/id/649219


You may want to consider purchasing Malwarebytes’ Anti-Malware to protect against these types of threats.

Tags: , , , , , ,

About Dr Jay

%d bloggers like this: