Vulnerable From Below: Attacking Hypervisors Using Firmware And Hardware

August 19, 2015


Breaking hypervisor isolation and attacking — or exploiting — neighboring virtual machines is a prominent goal of cyber criminals. At the Black Hat USA 2015 and DEF CON 23 conferences, a group of Intel Security researchers from the Advanced Threat Research team demonstrated that some hypervisors are vulnerable to attacks through system firmware launched from administrative guests.

These attacks led to successful installation of a rootkit in the system firmware (such as BIOS), privilege escalation to the hypervisor privileges, and exposure of hypervisor memory contents

Read More